CVSS: 6.8EPSS: 0%CPEs: 88EXPL: 3CVE-2009-5016 – php: XSS and SQL injection bypass via crafted overlong UTF-8 encoded string
https://notcve.org/view.php?id=CVE-2009-5016
12 Nov 2010 — Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP before 5.2.11 makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string that uses overlong UTF-8 encoding, a different vulnerability than CVE-2010-3870. Desbordamiento de enteros en xml_utf8_decode function in ext/xml/xml.c in PHP anterior v5.2.11 hace fácil para atacantes remotos superar los mecanismos de protección de secuencia de comandos en sitios cruzados... • http://bugs.php.net/bug.php?id=49687 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 1%CPEs: 7EXPL: 7CVE-2010-3870 – PHP 5.3.2 - 'xml_utf8_decode()' UTF-8 Input Validation
https://notcve.org/view.php?id=CVE-2010-3870
12 Nov 2010 — The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string. La función utf8_decode en PHP anterior v5.3.4 no maneja adecuadamente la codificación UTF-8 corta y las secuencias malformadas en los datos UTF-8, lo que hace fácil para los atacantes remotos superar los mecanismos de protec... • https://www.exploit-db.com/exploits/34950 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 30EXPL: 0CVE-2010-3294 – php-pecl-apc: potential XSS in apc.php
https://notcve.org/view.php?id=CVE-2010-3294
24 Sep 2010 — Cross-site scripting (XSS) vulnerability in apc.php in the Alternative PHP Cache (APC) extension before 3.1.4 for PHP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en apc.php de la extensión "Alternative PHP Cache" (APC) en versiones anteriores a la v3.1.4 para PHP permite a usuarios remotos inyectar codigo de script web o código HTML de su elección a través de vectores de ataque sin especificar. • http://pecl.php.net/package-changelog.php?package=APC&release=3.1.4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 13EXPL: 2CVE-2010-1128 – PHP 5.3.1 - LCG Entropy Security
https://notcve.org/view.php?id=CVE-2010-1128
26 Mar 2010 — The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function. El Linear Congruential Generator (LCG) en PHP anteriores a v5.2.13 no provee la entropía esperada, lo que hace más fácil para atacantes dependiendo del contexto adivinar valores que deberían ser impredecibles, como se demostró ... • https://www.exploit-db.com/exploits/33677 • CWE-310: Cryptographic Issues •
CVSS: 9.1EPSS: 1%CPEs: 35EXPL: 2CVE-2010-1130 – PHP 5.3.1 - 'session_save_path() Safe_mode()' Restriction Bypass Exploiot
https://notcve.org/view.php?id=CVE-2010-1130
26 Mar 2010 — session.c in the session extension in PHP before 5.2.13, and 5.3.1, does not properly interpret ; (semicolon) characters in the argument to the session_save_path function, which allows context-dependent attackers to bypass open_basedir and safe_mode restrictions via an argument that contains multiple ; characters in conjunction with a .. (dot dot). session.c en la extesión session en PHP anteriores a v5.2.13, y v5.3.1, no interpreta de forma adecuada los carácteres ";" en el argumento sobre la función sessi... • https://www.exploit-db.com/exploits/33625 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 38EXPL: 0CVE-2009-4418
https://notcve.org/view.php?id=CVE-2009-4418
24 Dec 2009 — The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences. La función deserializada (unserialize) en PHP 5.3.0 y anteriores permite a atacantes dependientes del contexto causar una denegación de servicio (consumo de recursos) a través una variables anidadas profundamente, como queda demostrada con una cadena i... • http://www.suspekt.org/2009/11/28/shocking-news-in-php-exploitation • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 1%CPEs: 108EXPL: 0CVE-2009-4143
https://notcve.org/view.php?id=CVE-2009-4143
21 Dec 2009 — PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive. PHP versiones anteriores a v5.2.12 no maneja adecuadamente los datos de sesión, teniendo un impacto no especificado y vectores de ataque relacionado con (1) la interrupción de corrupción de la selección SESSION superglobal y (2) la directiva session.save_path. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html •
CVSS: 6.1EPSS: 9%CPEs: 111EXPL: 4CVE-2009-4142 – PHP 5.2.11 - 'htmlspecialCharacters()' Malformed Multibyte Character Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-4142
21 Dec 2009 — The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. La función htmlspecialchars en PHP versiones anteriores a v5.2.12 no maneja adecuadamente (1) secuencias UTF-8 demasiado largas, (2) secuencias inválidas Shift_JIS, y (39 secuencias inválidas EUC-JP, ... • https://www.exploit-db.com/exploits/33414 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 1%CPEs: 110EXPL: 4CVE-2009-2626 – PHP 5.2.10/5.3.0 - 'ini_restore()' Memory Information Disclosure
https://notcve.org/view.php?id=CVE-2009-2626
01 Dec 2009 — The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. La función zend_restore_ini_entry_cb en zend_ini.c en PHP v5.3.0, v5.2.10, y anteriores permite a atacantes dependientes del contexto conseguir información sensible (contenidos de memoria) y produ... • https://www.exploit-db.com/exploits/10296 •
CVSS: 9.8EPSS: 2%CPEs: 110EXPL: 2CVE-2009-4018 – Kolang 4.3.10 < 5.3.0 - 'proc_open()' PHP 'safe_mode' Bypass
https://notcve.org/view.php?id=CVE-2009-4018
27 Nov 2009 — The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable. La función proc_open en ext/standard/proc_open.c en PHP anterior a v5.2.11 y v5.3.x anterior a v5.3.1 no aplica adecuadame... • https://www.exploit-db.com/exploits/11636 • CWE-264: Permissions, Privileges, and Access Controls •