Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-7204 2.1
The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents.
19-01-2023 - 16:26 22-05-2007 - 19:30
CVE-2007-2844 9.3
PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite interna
30-10-2018 - 16:25 24-05-2007 - 18:30
CVE-2007-2691 4.9
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. The vendor has released a product update to address
19-10-2018 - 19:00 16-05-2007 - 01:19
CVE-2007-0448 10.0
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the s
11-09-2008 - 00:49 24-05-2007 - 18:30
CVE-2006-7205 5.0
The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 allows context-dependent attackers to cause a denial of service (memory consumption) via a large num value.
05-09-2008 - 21:16 24-05-2007 - 02:30
Back to Top Mark selected
Back to Top