Search Results (Refine Search)
- CPE Product Version: cpe:/a:php:php:4.0.7
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2001-1246 |
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters. Published: June 30, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |