National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 25,875 matching records.
Displaying matches 25621 through 25640.
Vuln ID Summary CVSS Severity
CVE-2001-0441

Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0442

Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0458

Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0473

Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0474

Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2001-0475

index.php in Jelsoft vBulletin does not properly initialize a PHP variable that is used to store template information, which allows remote attackers to execute arbitrary PHP code via special characters in the templatecache parameter.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0478

Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0479

Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0481

Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2001-0487

AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2001-0496

kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2001-1162

Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.

Published: June 23, 2001; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2001-0906

teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr.

Published: June 22, 2001; 12:00:00 AM -04:00
V2: 6.2 MEDIUM
CVE-2001-1276

ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file.

Published: June 21, 2001; 12:00:00 AM -04:00
V2: 1.2 LOW
CVE-2001-0383

banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication.

Published: June 18, 2001; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2001-0408

vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes.

Published: June 18, 2001; 12:00:00 AM -04:00
V2: 5.1 MEDIUM
CVE-2001-0414

Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.

Published: June 18, 2001; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2001-1077

Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long (1) -T or (2) -name argument.

Published: June 15, 2001; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2001-0001

cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie.

Published: June 02, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0318

Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd).

Published: June 02, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH