Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php pear vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2004-1064
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow malicious users to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision ...
Php Php
Canonical Ubuntu Linux 4.10
445
VMScore
CVE-2011-2483
crypt_blowfish prior to 1.1, as used in PHP prior to 5.3.7 on certain platforms, PostgreSQL prior to 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent malicious users to determine a cleartext password by leveraging k...
Php Php
Postgresql Postgresql
Openwall Crypt Blowfish
1 Github repository
775
VMScore
CVE-2005-1921
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and previous versions (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and previous versions, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6)...
Php Xml Rpc
Gggeek Phpxmlrpc
Drupal Drupal
Tiki Tikiwiki Cms\\/groupware
Debian Debian Linux 3.1
5 EDB exploits
745
VMScore
CVE-2008-6840
Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) CONFIG[pear_dir] parameter to (a) Mail/RFC822.php, (b) Net/Socket.php, (c) XML/Parser.php, (d) XML/Tree.php, (e) Mail/mimeDecode.p...
Christof Bruyland V-webmail 1.6.4
13 EDB exploits
685
VMScore
CVE-2007-3228
PHP remote file inclusion vulnerability in saf/lib/PEAR/PhpDocumentor/Documentation/tests/bug-559668.php in Sitellite CMS 4.2.12 and previous versions might allow remote malicious users to execute arbitrary PHP code via a URL in the FORUM[LIB] parameter. NOTE: by default, access ...
Simian Systems Inc Sitellite Cms 4.2.12
1 EDB exploit
755
VMScore
CVE-2010-3209
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote malicious users to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTML/QuickForm.php in fog/lib/pear/, the (3) driverpath parameter to fog/lib/p...
Seagullproject.org Seagull 0.6.7
1 EDB exploit
685
VMScore
CVE-2007-3632
Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka PHPSurveyor) 1.49RC2 allow remote malicious users to execute arbitrary PHP code via a URL in the homedir parameter to (1) OLE/PPS/File.php, (2) OLE/PPS/Root.php, (3) Spreadsheet/Excel/Writer.php, or (4) OLE/PPS...
Limesurvey Limesurvey 1.49 Rc2
1 EDB exploit
187
VMScore
CVE-2016-10799
cPanel prior to 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137).
Cpanel Cpanel
755
VMScore
CVE-2006-4944
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
Boesch It-consulting Progsys
1 EDB exploit
755
VMScore
CVE-2006-5893
Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote malicious users to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
Iwonder Designs Storystream 0.4.0.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »