National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:php:php:4.0:beta3
There are 385 matching records.
Displaying matches 361 through 380.
Vuln ID Summary CVSS Severity
CVE-2006-1608

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

Published: April 10, 2006; 03:02:00 PM -04:00
    V2: 2.1 LOW
CVE-2006-0208

Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.

Published: January 13, 2006; 06:03:00 PM -05:00
    V2: 2.6 LOW
CVE-2005-0596

PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 2.1 LOW
CVE-2004-1019

The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.

Published: January 10, 2005; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2004-1065

Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.

Published: January 10, 2005; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2004-1392

PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.

Published: December 31, 2004; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2004-0958

php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.

Published: November 03, 2004; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2004-0959

rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified.

Published: November 03, 2004; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2004-0594

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.

Published: July 27, 2004; 12:00:00 AM -04:00
    V2: 5.1 MEDIUM
CVE-2004-0595

The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.

Published: July 27, 2004; 12:00:00 AM -04:00
    V2: 6.8 MEDIUM
CVE-2003-0860

Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors.

Published: November 17, 2003; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2003-0861

Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors.

Published: November 17, 2003; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2003-0442

Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.

Published: July 24, 2003; 12:00:00 AM -04:00
    V2: 4.3 MEDIUM
CVE-2003-0166

Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.

Published: April 02, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-2215

The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function.

Published: December 31, 2002; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-2309

php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.

Published: December 31, 2002; 12:00:00 AM -05:00
    V2: 7.8 HIGH
CVE-2002-0985

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.

Published: September 24, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0986

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."

Published: September 24, 2002; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2002-0484

move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system.

Published: August 12, 2002; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2002-0253

PHP, when not configured with the "display_errors = Off" setting in php.ini, allows remote attackers to obtain the physical path for an include file via a trailing slash in a request to a directly accessible PHP program, which modifies the base path, causes the include directive to fail, and produces an error message that contains the path.

Published: May 29, 2002; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM