| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-0599 | 10.0 |
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
|
02-02-2024 - 13:52 | 05-05-2008 - 17:20 | |
| CVE-2008-2050 | 10.0 |
Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.
|
13-02-2023 - 02:19 | 05-05-2008 - 17:20 | |
| CVE-2008-0674 | 7.5 |
Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.
|
15-10-2018 - 22:02 | 18-02-2008 - 23:00 | |
| CVE-2007-4850 | 5.0 |
curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vuln
|
15-10-2018 - 21:38 | 25-01-2008 - 01:00 | |
| CVE-2008-2051 | 10.0 |
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."
|
11-10-2018 - 20:38 | 05-05-2008 - 17:20 |