National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 26,393 matching records.
Displaying matches 26181 through 26200.
Vuln ID Summary CVSS Severity
CVE-2001-0321

opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter.

Published: May 03, 2001; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2001-0169

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.

Published: March 26, 2001; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2001-0178

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

Published: March 26, 2001; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2001-0201

The Postaci frontend for PostgreSQL does not properly filter characters such as semicolons, which could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program.

Published: March 26, 2001; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2001-0222

webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack.

Published: March 26, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW
CVE-1999-0729

Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to conduct a denial of service through the ldap_search request.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-1999-0945

Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2001-0108

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2001-0116

gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW
CVE-2001-0117

sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW
CVE-2001-0118

rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW
CVE-2001-0119

getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW
CVE-2001-0120

useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW
CVE-2001-0125

exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW
CVE-2001-0128

Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2001-0136

Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2001-0138

privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW
CVE-2001-0139

inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW
CVE-2001-0140

arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW
CVE-2001-0141

mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

Published: March 12, 2001; 12:00:00 AM -05:00
V2: 1.2 LOW