Max CVSS | 7.8 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-2108 | 7.5 |
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy a
|
15-02-2024 - 03:29 | 07-05-2008 - 21:20 | |
CVE-2006-5465 | 7.5 |
Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.
|
30-10-2018 - 16:25 | 04-11-2006 - 00:07 | |
CVE-2007-2509 | 2.6 |
CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.
|
30-10-2018 - 16:25 | 09-05-2007 - 00:19 | |
CVE-2007-1825 | 7.5 |
Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue
|
30-10-2018 - 16:25 | 02-04-2007 - 23:19 | |
CVE-2007-1718 | 7.8 |
CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of
|
30-10-2018 - 16:25 | 28-03-2007 - 00:19 | |
CVE-2009-0754 | 2.1 |
PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied
|
03-10-2018 - 21:58 | 03-03-2009 - 16:30 | |
CVE-2007-4670 | 5.0 |
Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.
|
03-10-2018 - 21:48 | 05-09-2007 - 00:17 |