Php: Security Vulnerabilities
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable.
CVSS Score
5.0
EPSS Score
0.108
Published
2007-02-13
Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.
CVSS Score
7.5
EPSS Score
0.016
Published
2007-02-13
Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.
CVSS Score
10.0
EPSS Score
0.063
Published
2007-02-13
Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent attackers to cause a denial of service (crash).
CVSS Score
7.8
EPSS Score
0.09
Published
2007-02-13
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
CVSS Score
7.5
EPSS Score
0.035
Published
2007-01-30
PHP remote file inclusion vulnerability in usercp_menu.php in AR Memberscript allows remote attackers to execute arbitrary PHP code via a URL in the script_folder parameter.
CVSS Score
7.5
EPSS Score
0.015
Published
2006-12-15
Multiple PHP remote file inclusion vulnerabilities in Bloq 0.5.4 allow remote attackers to execute arbitrary PHP code via a URL in the page[path] parameter to (1) index.php, (2) admin.php, (3) rss.php, (4) rdf.php, (5) rss2.php, or (6) files/mainfile.php.
CVSS Score
7.5
EPSS Score
0.018
Published
2006-12-15
PHP remote file inclusion vulnerability in admin/plugins/NP_UserSharing.php in BLOG:CMS 4.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DIR_ADMIN parameter.
CVSS Score
7.5
EPSS Score
0.048
Published
2006-12-14
PHP remote file inclusion vulnerability in signer/final.php in warez distributions of Animated Smiley Generator allows remote attackers to execute arbitrary PHP code via a URL in the smiley parameter. NOTE: the vendor disputes this issue, stating that only Warez versions of Animated Smiley Generator were affected, not the developer-provided software: "Legitimately purchased applications do not allow this exploit.
CVSS Score
7.5
EPSS Score
0.01
Published
2006-12-14
PHP remote file inclusion vulnerability in includes/common.php in the ErrorDocs 1.0.0 and earlier module for mxBB (mx_errordocs) allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
CVSS Score
7.5
EPSS Score
0.021
Published
2006-12-14