| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-7204 | 2.1 |
The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents.
|
19-01-2023 - 16:26 | 22-05-2007 - 19:30 | |
| CVE-2007-2844 | 9.3 |
PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite interna
|
30-10-2018 - 16:25 | 24-05-2007 - 18:30 | |
| CVE-2007-2691 | 4.9 |
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. The vendor has released a product update to address
|
19-10-2018 - 19:00 | 16-05-2007 - 01:19 | |
| CVE-2007-0448 | 10.0 |
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the s
|
11-09-2008 - 00:49 | 24-05-2007 - 18:30 | |
| CVE-2006-7205 | 5.0 |
The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 allows context-dependent attackers to cause a denial of service (memory consumption) via a large num value.
|
05-09-2008 - 21:16 | 24-05-2007 - 02:30 |