Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pear pear 1.0 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2009-4024
Argument injection vulnerability in the ping function in Ping.php in the Net_Ping package prior to 2.4.5 for PEAR allows remote malicious users to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem.
Pear Pear 2.1
Pear Pear 1.0.1
Pear Pear
Pear Pear 2.4.3
Pear Pear 2.4.2
Pear Pear 1.0
Pear Pear 0.1
Pear Pear 2.4.1
Pear Pear 2.4
Pear Pear 2.3
Pear Pear 2.2
10
CVSSv2
CVE-2005-4730
Unspecified vulnerability in PEAR Text_Password 1.0 has unknown impact and attack vectors, related to "problematic seeding" of the random number generator, possibly predictable seeds.
Pear Text Password 1.0
7.5
CVSSv2
CVE-2011-1148
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and previous versions allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.3.5
Php Php
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.1
7.5
CVSSv2
CVE-2011-1092
Integer overflow in ext/shmop/shmop.c in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.0
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.1
Php Php 3.0
Php Php 3.0.17
1 EDB exploit
6.8
CVSSv2
CVE-2010-4697
Use-after-free vulnerability in the Zend engine in PHP prior to 5.2.15 and 5.3.x prior to 5.3.4 might allow context-dependent malicious users to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset...
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.1.6
6.8
CVSSv2
CVE-2007-2519
Directory traversal vulnerability in the installer in PEAR 1.0 up to and including 1.5.3 allows user-assisted remote malicious users to overwrite arbitrary files via a .. (dot dot) sequence in the (1) install-as attribute in the file element in package.xml 1.0 or the (2) as attri...
Php Group Pear 1.2b2
Php Group Pear 1.2b3
Php Group Pear 1.3.5
Php Group Pear 1.1
Php Group Pear 1.2
Php Group Pear 1.3
Php Group Pear 1.3.1
Php Group Pear 1.3.3
Php Group Pear 1.3b3
Php Group Pear 1.3b5
Php Group Pear 1.4.0a2
Php Group Pear 1.4.0a3
Php Group Pear 1.0
Php Group Pear 1.0.1
Php Group Pear 1.2b4
Php Group Pear 1.2b5
Php Group Pear 1.3b1
Php Group Pear 1.3b2
Php Group Pear 1.4.0a11
Php Group Pear 1.4.0a12
Php Group Pear 1.4.0a8
Php Group Pear 1.4.0a9
1 EDB exploit
6.4
CVSSv2
CVE-2011-2202
The rfc1867_post_handler function in main/rfc1867.c in PHP prior to 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote malicious users to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, v...
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
1 EDB exploit
5.1
CVSSv2
CVE-2005-4154
Unspecified vulnerability in PEAR installer 1.4.2 and previous versions allows user-assisted malicious users to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.
Php Pear 0.9
Php Pear 0.90
Php Pear 1.2.1
Php Pear 1.2
Php Pear 1.3.3
Php Pear 1.3.3.1
Php Pear 1.3
Php Pear 1.4.0
Php Pear 1.4.1
Php Pear
Php Pear 0.10
Php Pear 0.11
Php Pear 1.1
Php Pear 1.3.1
Php Pear 1.0
Php Pear 1.0.1
Php Pear 1.3.4
Php Pear 1.3.5
Php Pear 1.3.6
5
CVSSv2
CVE-2011-3267
PHP prior to 5.3.7 does not properly implement the error_log function, which allows context-dependent malicious users to cause a denial of service (application crash) via unspecified vectors.
Php Php 4.3.11
Php Php 4.3.4
Php Php 4.2.2
Php Php 4.4.5
Php Php 4.4.6
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.4
Php Php 5.0.5
Php Php 5.0.0
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.2
Php Php 1.0
Php Php 5.3.0
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 4.0
Php Php 3.0.9
Php Php 4.3.3
Php Php 4.3.6
5
CVSSv2
CVE-2011-3182
PHP prior to 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveragi...
Php Php 4.3.3
Php Php 4.3.6
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.3.9
Php Php 5.2.8
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.2.9
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.0
Php Php 2.0b10
Php Php 2.0
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0
Php Php 4.0.6
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »