Max CVSS 10.0 Min CVSS 7.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-5658 7.5
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.
11-10-2018 - 20:56 17-12-2008 - 20:30
CVE-2008-5557 10.0
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is n
11-10-2018 - 20:56 23-12-2008 - 18:30
CVE-2008-5624 7.5
PHP 5 before 5.2.7 does not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function, which allows context-dependent attackers to bypass safe_mode restrictions via variable settings that are intended to b
11-10-2018 - 20:56 17-12-2008 - 17:30
CVE-2008-5625 7.5
PHP 5 before 5.2.7 does not enforce the error_log safe_mode restrictions when safe_mode is enabled through a php_admin_flag setting in httpd.conf, which allows context-dependent attackers to write to arbitrary files by placing a "php_value error_log"
11-10-2018 - 20:56 17-12-2008 - 17:30
Back to Top Mark selected
Back to Top