CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Php: >> Pear >> 1.10.1 Security Vulnerabilities

CVE-2017-5630

PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote HTTP servers to overwrite files via crafted responses, as demonstrated by a .htaccess overwrite.

CVSS Score

7.5

EPSS Score

0.052

Published

2017-02-01

Page 1

Vulnerabilities

Vulnerable Software

Php: >> Pear >> 1.10.1 Security Vulnerabilities

Products

Pricing

Contact Us