|Max CVSS||7.8||Min CVSS||5.0||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of
|30-10-2018 - 16:25||28-03-2007 - 00:19|
The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with
|30-10-2018 - 16:25||21-03-2007 - 23:19|
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.
|30-10-2018 - 16:25||06-03-2007 - 20:19|
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP)
|30-10-2018 - 16:25||06-04-2007 - 00:19|
Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was in
|16-10-2018 - 16:40||27-03-2007 - 01:19|
Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.
|16-10-2018 - 16:37||06-03-2007 - 20:19|
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded
|16-10-2018 - 16:32||30-01-2007 - 17:28|