Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php pear vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3228
PHP remote file inclusion vulnerability in saf/lib/PEAR/PhpDocumentor/Documentation/tests/bug-559668.php in Sitellite CMS 4.2.12 and previous versions might allow remote malicious users to execute arbitrary PHP code via a URL in the FORUM[LIB] parameter. NOTE: by default, access ...
Simian Systems Inc Sitellite Cms 4.2.12
1 EDB exploit
NA
CVE-2007-2939
Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat 3.0.0 allow remote malicious users to execute arbitrary PHP code via a URL in the basepath parameter to (1) ITX.php, (2) IT_Error.php, or (3) IT.php in include/pear/.
Mazens Php Chat Mazens Php Chat 3.0.0
1 EDB exploit
NA
CVE-2007-2519
Directory traversal vulnerability in the installer in PEAR 1.0 up to and including 1.5.3 allows user-assisted remote malicious users to overwrite arbitrary files via a .. (dot dot) sequence in the (1) install-as attribute in the file element in package.xml 1.0 or the (2) as attri...
Php Group Pear 1.2b2
Php Group Pear 1.2b3
Php Group Pear 1.3.5
Php Group Pear 1.1
Php Group Pear 1.2
Php Group Pear 1.3
Php Group Pear 1.3.1
Php Group Pear 1.3.3
Php Group Pear 1.3b3
Php Group Pear 1.3b5
Php Group Pear 1.4.0a2
Php Group Pear 1.4.0a3
Php Group Pear 1.0
Php Group Pear 1.0.1
Php Group Pear 1.2b4
Php Group Pear 1.2b5
Php Group Pear 1.3b1
Php Group Pear 1.3b2
Php Group Pear 1.4.0a11
Php Group Pear 1.4.0a12
Php Group Pear 1.4.0a8
Php Group Pear 1.4.0a9
1 EDB exploit
NA
CVE-2006-5893
Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote malicious users to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
Iwonder Designs Storystream 0.4.0.0
1 EDB exploit
NA
CVE-2006-4944
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
Boesch It-consulting Progsys
1 EDB exploit
NA
CVE-2006-0931
Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions prior to 1.3.2, allows remote malicious users to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.
Pear Pear Archive Tar
NA
CVE-2006-0909
Invision Power Board (IPB) 2.1.4 and previous versions allows remote malicious users to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Rende...
Invision Power Services Invision Power Board 2.0.0
Invision Power Services Invision Power Board 2.0.1
Invision Power Services Invision Power Board 2.1.3
Invision Power Services Invision Power Board 2.1.4
Invision Power Services Invision Power Board 2.1.1
Invision Power Services Invision Power Board 2.1.2
Invision Power Services Invision Power Board 2.1 Rc1
Invision Power Services Invision Power Board 2.0.2
Invision Power Services Invision Power Board 2.0.3
Invision Power Services Invision Power Board 2.1 Beta2
Invision Power Services Invision Power Board 2.1 Beta3
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.0
Invision Power Services Invision Power Board 2.1 Beta4
Invision Power Services Invision Power Board 2.1 Beta5
NA
CVE-2006-0868
Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth prior to 1.2.4, and 1.3.x prior to 1.3.0r4, allow remote malicious users to "falsify authentication credentials," related to the "underlying storage containers.&qu...
Pear Xml Rpc 1.0.2
Pear Xml Rpc 1.0.3
Pear Xml Rpc 1.2.0rc5
Pear Xml Rpc 1.2.0rc6
Pear Xml Rpc 1.0.4
Pear Xml Rpc 1.1.0
Pear Xml Rpc 1.2.0
Pear Xml Rpc 1.2.0rc7
Pear Xml Rpc 1.2.1
Pear Xml Rpc 1.2.0rc3
Pear Xml Rpc 1.2.0rc4
Pear Xml Rpc 1.3.0rc2
Pear Xml Rpc 1.3.0rc3
Pear Xml Rpc 1.2.0rc1
Pear Xml Rpc 1.2.0rc2
Pear Xml Rpc 1.2.2
Pear Xml Rpc 1.3.0rc1
NA
CVE-2006-0869
Directory traversal vulnerability in the "remember me" feature in liveuser.php in PHP Extension and Application Repository (PEAR) LiveUser 0.16.8 and previous versions allows remote malicious users to determine file existence, and possibly delete arbitrary files with sh...
Pear Pear Liveuser 0.10.0
Pear Pear Liveuser 0.13.3
Pear Pear Liveuser 0.14.0
Pear Pear Liveuser 0.15.0
Pear Pear Liveuser 0.16.5
Pear Pear Liveuser 0.16.6
Pear Pear Liveuser 0.6.1
Pear Pear Liveuser 0.7
Pear Pear Liveuser 0.11.0
Pear Pear Liveuser 0.11.1
Pear Pear Liveuser 0.15.1
Pear Pear Liveuser 0.16.0
Pear Pear Liveuser 0.16.7
Pear Pear Liveuser 0.16.8
Pear Pear Liveuser 0.8
Pear Pear Liveuser 0.8.1
Pear Pear Liveuser 0.13.1
Pear Pear Liveuser 0.13.2
Pear Pear Liveuser 0.16.3
Pear Pear Liveuser 0.16.4
Pear Pear Liveuser 0.5.1
Pear Pear Liveuser 0.6
1 EDB exploit
NA
CVE-2006-0144
The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote malicious users to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify functi...
Apache2triad Apache2triad
Php Pear 0.2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »