CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 1CVE-2000-0860
https://notcve.org/view.php?id=CVE-2000-0860
14 Nov 2000 — The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables. • http://archives.neohapsis.com/archives/bugtraq/2000-08/0455.html •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1CVE-1999-0068 – PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog
https://notcve.org/view.php?id=CVE-1999-0068
19 Oct 1997 — CGI PHP mylog script allows an attacker to read any file on the target server. • https://www.exploit-db.com/exploits/19553 •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 1CVE-1999-0238 – PHP PHP/fi 2.0 - Directory Traversal
https://notcve.org/view.php?id=CVE-1999-0238
01 Aug 1997 — php.cgi allows attackers to read any file on the system. • https://www.exploit-db.com/exploits/20567 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-1999-0058
https://notcve.org/view.php?id=CVE-1999-0058
17 Apr 1997 — Buffer overflow in PHP cgi program, php.cgi allows shell access. • http://www.securityfocus.com/bid/712 •