Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pear pear vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2009-4024
Argument injection vulnerability in the ping function in Ping.php in the Net_Ping package prior to 2.4.5 for PEAR allows remote malicious users to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem.
Pear Pear 2.1
Pear Pear 1.0.1
Pear Pear
Pear Pear 2.4.3
Pear Pear 2.4.2
Pear Pear 1.0
Pear Pear 0.1
Pear Pear 2.4.1
Pear Pear 2.4
Pear Pear 2.3
Pear Pear 2.2
890
VMScore
CVE-2009-4025
Argument injection vulnerability in the traceroute function in Traceroute.php in the Net_Traceroute package prior to 0.21.2 for PEAR allows remote malicious users to execute arbitrary shell commands via the host parameter. NOTE: some of these details are obtained from third party...
Pear Pear 0.21
Pear Pear
Pear Pear 0.20
Pear Pear 0.11
890
VMScore
CVE-2005-4730
Unspecified vulnerability in PEAR Text_Password 1.0 has unknown impact and attack vectors, related to "problematic seeding" of the random number generator, possibly predictable seeds.
Pear Text Password 1.0
890
VMScore
CVE-2004-1064
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow malicious users to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision ...
Php Php
Canonical Ubuntu Linux 4.10
775
VMScore
CVE-2005-1921
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and previous versions (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and previous versions, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6)...
Php Xml Rpc
Gggeek Phpxmlrpc
Drupal Drupal
Tiki Tikiwiki Cms\\/groupware
Debian Debian Linux 3.1
5 EDB exploits
760
VMScore
CVE-2011-1938
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 up to and including 5.3.6 might allow context-dependent malicious users to execute arbitrary code via a long pathname for a UNIX socket.
Php Php 5.3.4
Php Php 5.3.5
Php Php 5.3.3
Php Php 5.3.6
2 EDB exploits
755
VMScore
CVE-2011-1092
Integer overflow in ext/shmop/shmop.c in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.0
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.1
Php Php 3.0
Php Php 3.0.17
1 EDB exploit
755
VMScore
CVE-2010-3209
Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote malicious users to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTML/QuickForm.php in fog/lib/pear/, the (3) driverpath parameter to fog/lib/p...
Seagullproject.org Seagull 0.6.7
1 EDB exploit
755
VMScore
CVE-2006-5893
Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote malicious users to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
Iwonder Designs Storystream 0.4.0.0
1 EDB exploit
755
VMScore
CVE-2006-4944
PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the phpdns_basedir parameter.
Boesch It-consulting Progsys
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »