Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pear vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2021-32610
In Archive_Tar prior to 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
Php Archive Tar
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
5
CVSSv2
CVE-2006-0910
Invision Power Board (IPB) 2.1.4 and previous versions allows remote malicious users to list directory contents via a direct request to multiple directories, including (1) sources/loginauth/convert/, (2) sources/portal_plugins/, (3) cache/skin_cache/cacheid_2/, (4) ips_kernel/PEA...
Invision Power Services Invision Power Board 2.0.0
Invision Power Services Invision Power Board 2.0.1
Invision Power Services Invision Power Board 2.1.4
Invision Power Services Invision Power Board 2.1 Beta2
Invision Power Services Invision Power Board 2.1.2
Invision Power Services Invision Power Board 2.1.3
Invision Power Services Invision Power Board 2.0.2
Invision Power Services Invision Power Board 2.0.3
Invision Power Services Invision Power Board 2.1 Beta3
Invision Power Services Invision Power Board 2.1 Beta4
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.0
Invision Power Services Invision Power Board 2.1.1
Invision Power Services Invision Power Board 2.1 Beta5
Invision Power Services Invision Power Board 2.1 Rc1
7.5
CVSSv2
CVE-2010-3209
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote malicious users to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTML/QuickForm.php in fog/lib/pear/, the (3) driverpath parameter to fog/lib/p...
Seagullproject.org Seagull 0.6.7
1 EDB exploit
NA
CVE-2022-32287
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an malicious user to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA ve...
Apache Uimaj
6.3
CVSSv2
CVE-2011-0441
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/.
Php Php 5.3.5
6.8
CVSSv2
CVE-2007-3632
Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka PHPSurveyor) 1.49RC2 allow remote malicious users to execute arbitrary PHP code via a URL in the homedir parameter to (1) OLE/PPS/File.php, (2) OLE/PPS/Root.php, (3) Spreadsheet/Excel/Writer.php, or (4) OLE/PPS...
Limesurvey Limesurvey 1.49 Rc2
1 EDB exploit
2.1
CVSSv2
CVE-2016-10799
cPanel prior to 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137).
Cpanel Cpanel
7.5
CVSSv2
CVE-2006-4944
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
Boesch It-consulting Progsys
1 EDB exploit
2.1
CVSSv2
CVE-2012-1105
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.
Apereo Phpcas 1.2.2
Fedoraproject Fedora 15
Fedoraproject Fedora 16
Debian Debian Linux 8.0
5
CVSSv2
CVE-2006-0909
Invision Power Board (IPB) 2.1.4 and previous versions allows remote malicious users to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Rende...
Invision Power Services Invision Power Board 2.0.0
Invision Power Services Invision Power Board 2.0.1
Invision Power Services Invision Power Board 2.1.3
Invision Power Services Invision Power Board 2.1.4
Invision Power Services Invision Power Board 2.1.1
Invision Power Services Invision Power Board 2.1.2
Invision Power Services Invision Power Board 2.1 Rc1
Invision Power Services Invision Power Board 2.0.2
Invision Power Services Invision Power Board 2.0.3
Invision Power Services Invision Power Board 2.1 Beta2
Invision Power Services Invision Power Board 2.1 Beta3
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.0
Invision Power Services Invision Power Board 2.1 Beta4
Invision Power Services Invision Power Board 2.1 Beta5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »