Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pear vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2009-4024
Argument injection vulnerability in the ping function in Ping.php in the Net_Ping package prior to 2.4.5 for PEAR allows remote malicious users to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem.
Pear Pear 2.1
Pear Pear 1.0.1
Pear Pear
Pear Pear 2.4.3
Pear Pear 2.4.2
Pear Pear 1.0
Pear Pear 0.1
Pear Pear 2.4.1
Pear Pear 2.4
Pear Pear 2.3
Pear Pear 2.2
6.4
CVSSv2
CVE-2006-0869
Directory traversal vulnerability in the "remember me" feature in liveuser.php in PHP Extension and Application Repository (PEAR) LiveUser 0.16.8 and previous versions allows remote malicious users to determine file existence, and possibly delete arbitrary files with sh...
Pear Pear Liveuser 0.10.0
Pear Pear Liveuser 0.13.3
Pear Pear Liveuser 0.14.0
Pear Pear Liveuser 0.15.0
Pear Pear Liveuser 0.16.5
Pear Pear Liveuser 0.16.6
Pear Pear Liveuser 0.6.1
Pear Pear Liveuser 0.7
Pear Pear Liveuser 0.11.0
Pear Pear Liveuser 0.11.1
Pear Pear Liveuser 0.15.1
Pear Pear Liveuser 0.16.0
Pear Pear Liveuser 0.16.7
Pear Pear Liveuser 0.16.8
Pear Pear Liveuser 0.8
Pear Pear Liveuser 0.8.1
Pear Pear Liveuser 0.13.1
Pear Pear Liveuser 0.13.2
Pear Pear Liveuser 0.16.3
Pear Pear Liveuser 0.16.4
Pear Pear Liveuser 0.5.1
Pear Pear Liveuser 0.6
1 EDB exploit
10
CVSSv2
CVE-2009-4025
Argument injection vulnerability in the traceroute function in Traceroute.php in the Net_Traceroute package prior to 0.21.2 for PEAR allows remote malicious users to execute arbitrary shell commands via the host parameter. NOTE: some of these details are obtained from third party...
Pear Pear 0.21
Pear Pear
Pear Pear 0.20
Pear Pear 0.11
3.3
CVSSv2
CVE-2011-1072
The installer in PEAR prior to 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
Php Pear 0.11
Php Pear 1.0
Php Pear 1.2
Php Pear 1.3.6
Php Pear 1.3.5
Php Pear 1.4.0
Php Pear 0.90
Php Pear 0.10
Php Pear 1.2.1
Php Pear 1.1
Php Pear 1.3
Php Pear 1.4.2
Php Pear 0.2.2
Php Pear 0.9
Php Pear 1.0.1
Php Pear 1.3.3
Php Pear 1.3.1
Php Pear 1.4.1
Php Pear
Php Pear 1.6.1
Php Pear 1.3.4
Php Pear 1.3.3.1
3.3
CVSSv2
CVE-2011-1144
The installer in PEAR 1.9.2 and previous versions allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnerability exists be...
Php Pear 1.0
Php Pear 1.0.1
Php Pear 1.2
Php Pear 1.3.4
Php Pear 1.3.3.1
Php Pear 1.3
Php Pear 1.4.0
Php Pear 1.9.1
Php Pear 1.6.1
Php Pear 1.5.1
Php Pear 1.3.6
Php Pear 1.3.5
Php Pear
Php Pear 0.2.2
Php Pear 0.9
Php Pear 0.90
Php Pear 1.2.1
Php Pear 1.3.3
Php Pear 1.3.1
Php Pear 1.4.1
Php Pear 1.5.0
Php Pear 0.10
5.1
CVSSv2
CVE-2005-4154
Unspecified vulnerability in PEAR installer 1.4.2 and previous versions allows user-assisted malicious users to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.
Php Pear 0.9
Php Pear 0.90
Php Pear 1.2.1
Php Pear 1.2
Php Pear 1.3.3
Php Pear 1.3.3.1
Php Pear 1.3
Php Pear 1.4.0
Php Pear 1.4.1
Php Pear
Php Pear 0.10
Php Pear 0.11
Php Pear 1.1
Php Pear 1.3.1
Php Pear 1.0
Php Pear 1.0.1
Php Pear 1.3.4
Php Pear 1.3.5
Php Pear 1.3.6
6.8
CVSSv2
CVE-2007-2519
Directory traversal vulnerability in the installer in PEAR 1.0 up to and including 1.5.3 allows user-assisted remote malicious users to overwrite arbitrary files via a .. (dot dot) sequence in the (1) install-as attribute in the file element in package.xml 1.0 or the (2) as attri...
Php Group Pear 1.2b2
Php Group Pear 1.2b3
Php Group Pear 1.3.5
Php Group Pear 1.1
Php Group Pear 1.2
Php Group Pear 1.3
Php Group Pear 1.3.1
Php Group Pear 1.3.3
Php Group Pear 1.3b3
Php Group Pear 1.3b5
Php Group Pear 1.4.0a2
Php Group Pear 1.4.0a3
Php Group Pear 1.0
Php Group Pear 1.0.1
Php Group Pear 1.2b4
Php Group Pear 1.2b5
Php Group Pear 1.3b1
Php Group Pear 1.3b2
Php Group Pear 1.4.0a11
Php Group Pear 1.4.0a12
Php Group Pear 1.4.0a8
Php Group Pear 1.4.0a9
1 EDB exploit
7.5
CVSSv2
CVE-2006-0868
Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth prior to 1.2.4, and 1.3.x prior to 1.3.0r4, allow remote malicious users to "falsify authentication credentials," related to the "underlying storage containers.&qu...
Pear Xml Rpc 1.0.2
Pear Xml Rpc 1.0.3
Pear Xml Rpc 1.2.0rc5
Pear Xml Rpc 1.2.0rc6
Pear Xml Rpc 1.0.4
Pear Xml Rpc 1.1.0
Pear Xml Rpc 1.2.0
Pear Xml Rpc 1.2.0rc7
Pear Xml Rpc 1.2.1
Pear Xml Rpc 1.2.0rc3
Pear Xml Rpc 1.2.0rc4
Pear Xml Rpc 1.3.0rc2
Pear Xml Rpc 1.3.0rc3
Pear Xml Rpc 1.2.0rc1
Pear Xml Rpc 1.2.0rc2
Pear Xml Rpc 1.2.2
Pear Xml Rpc 1.3.0rc1
7.5
CVSSv2
CVE-2017-5677
PEAR HTML_AJAX 0.3.0 up to and including 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression.
Pear Html Ajax 0.5.6
Pear Html Ajax 0.5.4
Pear Html Ajax 0.3.4
Pear Html Ajax 0.3.2
Pear Html Ajax 0.5.3
Pear Html Ajax 0.5.2
Pear Html Ajax 0.5.1
Pear Html Ajax 0.5.0
Pear Html Ajax 0.4.1
Pear Html Ajax 0.3.1
Pear Html Ajax 0.3.0
Pear Html Ajax 0.5.7
Pear Html Ajax 0.5.5
Pear Html Ajax 0.4.0
Pear Html Ajax 0.3.3
7.5
CVSSv2
CVE-2009-4023
Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote malicious users to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.
Pear Pear 1.1.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2108
CVE-2024-31061
CVE-2024-25959
CVE-2023-45866
injection
IDOR
memory leak
CVE-2024-1086
CVE-2023-42931
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »