Max CVSS 7.5 Min CVSS 1.2 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-4625 3.6
PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
30-10-2018 - 16:25 12-09-2006 - 16:07
CVE-2006-4481 7.2
The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_o
30-10-2018 - 16:25 31-08-2006 - 21:04
CVE-2006-0576 7.2
Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: while opcontrol normally is not ru
19-10-2018 - 15:45 08-02-2006 - 00:06
CVE-2005-2666 1.2
SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate
11-10-2017 - 01:30 23-08-2005 - 04:00
CVE-2006-3011 4.6
The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.
20-07-2017 - 01:31 26-06-2006 - 21:05
CVE-2006-2563 2.1
The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters.
20-07-2017 - 01:31 29-05-2006 - 16:02
CVE-2006-3018 7.5
Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown impact and attack vectors related to heap corruption.
15-09-2010 - 04:54 14-06-2006 - 23:02
CVE-2005-2946 5.0
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signatur
07-01-2009 - 05:00 16-09-2005 - 22:03
Back to Top Mark selected
Back to Top