Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2007-3997 7.5
The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
26-10-2018 - 13:59 04-09-2007 - 18:17
CVE-2007-4889 6.8
The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
15-10-2018 - 21:38 14-09-2007 - 01:17
CVE-2007-4596 7.5
The perl extension in PHP does not follow safe_mode restrictions, which allows context-dependent attackers to execute arbitrary code via the Perl eval function. NOTE: this might only be a vulnerability in limited environments.
29-09-2017 - 01:29 30-08-2007 - 18:17
CVE-2007-4663 7.5
Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function.
29-07-2017 - 01:33 04-09-2007 - 22:17
CVE-2007-4652 4.4
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.
29-07-2017 - 01:33 04-09-2007 - 19:17
CVE-2007-0448 10.0
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the s
11-09-2008 - 00:49 24-05-2007 - 18:30
CVE-2006-7204 2.1
The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents. The vendor has addressed this issue with the following product updat
05-09-2008 - 21:16 22-05-2007 - 19:30
Back to Top Mark selected
Back to Top