Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pear pear vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2006-0931
Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions prior to 1.3.2, allows remote malicious users to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.
Pear Pear Archive Tar
NA
CVE-2015-10028
A vulnerability has been found in ss15-this-is-sparta and classified as problematic. This vulnerability affects unknown code of the file js/roomElement.js of the component Main Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of...
Pear Programming Project Pear Programming
445
VMScore
CVE-2006-0932
Directory traversal vulnerability in zip.lib.php 0.1.1 in PEAR::Archive_Zip allows remote malicious users to create and overwrite arbitrary files via certain crafted pathnames in a ZIP archive.
Pear Pear Archive Zip 1.1
605
VMScore
CVE-2009-4111
Argument injection vulnerability in Mail/sendmail.php in the Mail package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows remote malicious users to read and write arbitrary files via a crafted $recipients parameter, and possibly other parameters, a different vulnerab...
Pear Mail 1.1.14
Pear Mail 1.2.0b2
445
VMScore
CVE-2022-24953
The Crypt_GPG extension prior to 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions.
Pear Crypt Gpg
505
VMScore
CVE-2017-5630
PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote HTTP servers to overwrite files via crafted responses, as demonstrated by a .htaccess overwrite.
Php Pear 1.10.1
1 EDB exploit
312
VMScore
CVE-2022-23903
A Cross Site Scripting (XSS) vulnerability exists in pearadmin pear-admin-think <=5.0.6, which allows a login account to access arbitrary functions and cause stored XSS through a fake User-Agent.
Pearadmin Pear Admin Think
NA
CVE-2023-30417
A cross-site scripting (XSS) vulnerability in Pear-Admin-Boot up to v2.0.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Title of a private message.
Pearadmin Pear Admin Boot
890
VMScore
CVE-2005-4730
Unspecified vulnerability in PEAR Text_Password 1.0 has unknown impact and attack vectors, related to "problematic seeding" of the random number generator, possibly predictable seeds.
Pear Text Password 1.0
NA
CVE-2021-29378
SQL Injection in pear-admin-think version 2.1.2, allows malicious users to execute arbitrary code and escalate privileges via crafted GET request to Crud.php.
Pearadmin Pear Admin Think 2.1.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »