Max CVSS 7.8 Min CVSS 4.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2007-1888 7.5
Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some
30-10-2018 - 16:25 06-04-2007 - 01:19
CVE-2007-1887 7.5
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by ca
30-10-2018 - 16:25 06-04-2007 - 01:19
CVE-2007-1718 7.8
CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of
30-10-2018 - 16:25 28-03-2007 - 00:19
CVE-2007-1700 7.5
The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbit
30-10-2018 - 16:25 27-03-2007 - 01:19
CVE-2007-1583 6.8
The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with
30-10-2018 - 16:25 21-03-2007 - 23:19
CVE-2007-1380 5.0
The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, w
30-10-2018 - 16:25 10-03-2007 - 00:19
CVE-2007-1376 7.5
The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associ
30-10-2018 - 16:25 10-03-2007 - 00:19
CVE-2007-1484 4.6
The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x up to 5.2.1, makes erroneous calls to zval_dtor, which triggers memory corruption and allows local users to bypass safe_mode and execute arbitrary code via a certain unset operatio
19-10-2018 - 18:18 16-03-2007 - 21:19
CVE-2007-1900 5.0
CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression
11-10-2017 - 01:32 10-04-2007 - 18:19
CVE-2007-1375 5.0
Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991.
11-10-2017 - 01:31 10-03-2007 - 00:19
CVE-2007-1824 5.1
Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the '.' character.
29-07-2017 - 01:31 02-04-2007 - 23:19
CVE-2007-1521 6.8
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a
08-03-2011 - 02:52 20-03-2007 - 20:19
Back to Top Mark selected
Back to Top