Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-4645 | 5.0 |
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation
|
15-05-2023 - 00:15 | 11-01-2011 - 03:00 | |
CVE-2010-3870 | 6.8 |
The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protec
|
13-02-2023 - 04:27 | 12-11-2010 - 21:00 | |
CVE-2010-3709 | 4.3 |
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
|
13-02-2023 - 04:25 | 09-11-2010 - 01:00 | |
CVE-2010-3436 | 5.0 |
fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename.
|
01-09-2022 - 16:32 | 09-11-2010 - 01:00 | |
CVE-2009-5016 | 6.8 |
Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP before 5.2.11 makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string that uses overlong UTF-8 enc
|
30-10-2018 - 16:26 | 12-11-2010 - 22:00 | |
CVE-2010-4409 | 5.0 |
Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.
|
30-10-2018 - 16:26 | 06-12-2010 - 20:13 | |
CVE-2010-3710 | 4.3 |
Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) v
|
23-08-2016 - 02:02 | 25-10-2010 - 20:01 | |
CVE-2010-4156 | 5.0 |
The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter).
|
04-05-2011 - 02:52 | 10-11-2010 - 03:00 |