Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2004-1018 | 10.0 |
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underfl
|
08-12-2020 - 18:49 | 10-01-2005 - 05:00 | |
CVE-2004-1065 | 10.0 |
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
|
30-10-2018 - 16:25 | 10-01-2005 - 05:00 | |
CVE-2004-1019 | 10.0 |
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free
|
30-10-2018 - 16:25 | 10-01-2005 - 05:00 | |
CVE-2004-0958 | 5.0 |
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.
|
11-10-2017 - 01:29 | 03-11-2004 - 05:00 | |
CVE-2004-0959 | 2.1 |
rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified.
|
11-10-2017 - 01:29 | 03-11-2004 - 05:00 | |
CVE-2004-1392 | 5.0 |
PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.
|
11-10-2017 - 01:29 | 31-12-2004 - 05:00 |