|Max CVSS||7.5||Min CVSS||2.6||Total Count||4|
|ID||CVSS||Summary||Last (major) update||Published|
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
|22-08-2016 - 22:04||29-12-2011 - 20:55|
CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.
|05-11-2012 - 22:38||08-05-2007 - 20:19|
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy a
|30-10-2012 - 22:56||07-05-2008 - 17:20|
Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.
|21-08-2010 - 01:10||04-09-2007 - 20:17|