Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pear vulnerabilities and exploits
(subscribe to this query)
320
VMScore
CVE-2021-32610
In Archive_Tar prior to 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
Php Archive Tar
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
445
VMScore
CVE-2006-0910
Invision Power Board (IPB) 2.1.4 and previous versions allows remote malicious users to list directory contents via a direct request to multiple directories, including (1) sources/loginauth/convert/, (2) sources/portal_plugins/, (3) cache/skin_cache/cacheid_2/, (4) ips_kernel/PEA...
Invision Power Services Invision Power Board 2.0.0
Invision Power Services Invision Power Board 2.0.1
Invision Power Services Invision Power Board 2.1.4
Invision Power Services Invision Power Board 2.1 Beta2
Invision Power Services Invision Power Board 2.1.2
Invision Power Services Invision Power Board 2.1.3
Invision Power Services Invision Power Board 2.0.2
Invision Power Services Invision Power Board 2.0.3
Invision Power Services Invision Power Board 2.1 Beta3
Invision Power Services Invision Power Board 2.1 Beta4
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.0
Invision Power Services Invision Power Board 2.1.1
Invision Power Services Invision Power Board 2.1 Beta5
Invision Power Services Invision Power Board 2.1 Rc1
755
VMScore
CVE-2010-3209
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote malicious users to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTML/QuickForm.php in fog/lib/pear/, the (3) driverpath parameter to fog/lib/p...
Seagullproject.org Seagull 0.6.7
1 EDB exploit
NA
CVE-2022-32287
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an malicious user to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA ve...
Apache Uimaj
561
VMScore
CVE-2011-0441
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/.
Php Php 5.3.5
187
VMScore
CVE-2016-10799
cPanel prior to 58.0.4 does not set the Pear tmp directory during a PHP installation (SEC-137).
Cpanel Cpanel
685
VMScore
CVE-2007-3632
Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka PHPSurveyor) 1.49RC2 allow remote malicious users to execute arbitrary PHP code via a URL in the homedir parameter to (1) OLE/PPS/File.php, (2) OLE/PPS/Root.php, (3) Spreadsheet/Excel/Writer.php, or (4) OLE/PPS...
Limesurvey Limesurvey 1.49 Rc2
1 EDB exploit
755
VMScore
CVE-2006-4944
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
Boesch It-consulting Progsys
1 EDB exploit
187
VMScore
CVE-2012-1105
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.
Apereo Phpcas 1.2.2
Fedoraproject Fedora 15
Fedoraproject Fedora 16
Debian Debian Linux 8.0
445
VMScore
CVE-2006-0909
Invision Power Board (IPB) 2.1.4 and previous versions allows remote malicious users to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Rende...
Invision Power Services Invision Power Board 2.0.0
Invision Power Services Invision Power Board 2.0.1
Invision Power Services Invision Power Board 2.1.3
Invision Power Services Invision Power Board 2.1.4
Invision Power Services Invision Power Board 2.1.1
Invision Power Services Invision Power Board 2.1.2
Invision Power Services Invision Power Board 2.1 Rc1
Invision Power Services Invision Power Board 2.0.2
Invision Power Services Invision Power Board 2.0.3
Invision Power Services Invision Power Board 2.1 Beta2
Invision Power Services Invision Power Board 2.1 Beta3
Invision Power Services Invision Power Board 2.0.4
Invision Power Services Invision Power Board 2.1.0
Invision Power Services Invision Power Board 2.1 Beta4
Invision Power Services Invision Power Board 2.1 Beta5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »