| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-4020 | 4.6 |
scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a bu
|
14-02-2024 - 01:17 | 08-08-2006 - 20:04 | |
| CVE-2006-7204 | 2.1 |
The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents.
|
19-01-2023 - 16:26 | 22-05-2007 - 19:30 | |
| CVE-2006-4483 | 9.3 |
The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly rela
|
19-07-2022 - 18:34 | 31-08-2006 - 21:04 | |
| CVE-2006-4482 | 9.3 |
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990
|
19-07-2022 - 18:32 | 31-08-2006 - 21:04 | |
| CVE-2006-4485 | 10.0 |
The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-bounds read.
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 | |
| CVE-2006-4481 | 7.2 |
The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_o
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 | |
| CVE-2006-4486 | 2.6 |
Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction.
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 | |
| CVE-2006-4484 | 2.6 |
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overfl
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 | |
| CVE-2006-1017 | 9.3 |
The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open
|
30-10-2018 - 16:25 | 07-03-2006 - 00:02 | |
| CVE-2006-3011 | 4.6 |
The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.
|
20-07-2017 - 01:31 | 26-06-2006 - 21:05 |