Search Results (Refine Search)
- CPE Product Version: cpe:/a:php:php:5.1.2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-1017 |
The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions. Published: March 06, 2006; 7:02:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |