CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-3018
https://notcve.org/view.php?id=CVE-2006-3018
14 Jun 2006 — Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown impact and attack vectors related to heap corruption. Vulnerabilidad no especificada en la funcionalidad de extensión de sesión en PHP anterior a la versión 5.1.3 tiene un impacto y vectores de ataque desconocidos, relacionados con una corrupción de memoria dinámica. • http://secunia.com/advisories/19927 •
CVSS: 9.3EPSS: 2%CPEs: 85EXPL: 0CVE-2006-3017
https://notcve.org/view.php?id=CVE-2006-3017
14 Jun 2006 — zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations. • ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 1CVE-2006-3016
https://notcve.org/view.php?id=CVE-2006-3016
14 Jun 2006 — Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting vulnerabilities. NOTE: while the nature of the vulnerability is unspecified, it is likely that this is related to a violation of an expectation by PHP applications that the session name is alphanumeric, as implie... • ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc •
CVSS: 7.5EPSS: 37%CPEs: 75EXPL: 1CVE-2006-1490 – PHP 4.x/5.x - 'Html_Entity_Decode()' Information Disclosure
https://notcve.org/view.php?id=CVE-2006-1490
29 Mar 2006 — PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to as a "memory leak," but it is an information leak that discloses memory contents. • https://www.exploit-db.com/exploits/27508 •
CVSS: 9.1EPSS: 6%CPEs: 75EXPL: 1CVE-2006-1015 – PHP 4.x/5.0/5.1 with Sendmail Mail Function - 'additional_param' Arbitrary File Creation
https://notcve.org/view.php?id=CVE-2006-1015
07 Mar 2006 — Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote attackers to read and create arbitrary files via the sendmail -C and -X arguments. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE. • https://www.exploit-db.com/exploits/27334 •
CVSS: 9.3EPSS: 10%CPEs: 78EXPL: 0CVE-2006-1017
https://notcve.org/view.php?id=CVE-2006-1017
07 Mar 2006 — The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions. • http://bugs.php.net/bug.php?id=37265 •
CVSS: 9.1EPSS: 1%CPEs: 54EXPL: 0CVE-2005-3391
https://notcve.org/view.php?id=CVE-2005-3391
01 Nov 2005 — Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd. • http://docs.info.apple.com/article.html?artnum=303382 •
CVSS: 9.1EPSS: 1%CPEs: 54EXPL: 0CVE-2005-3392
https://notcve.org/view.php?id=CVE-2005-3392
01 Nov 2005 — Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives. • http://docs.info.apple.com/article.html?artnum=303382 •
CVSS: 9.1EPSS: 86%CPEs: 63EXPL: 1CVE-2005-3390 – PHP 4.x/5.0.x - Arbitrary File Upload GLOBAL Variable Overwrite
https://notcve.org/view.php?id=CVE-2005-3390
01 Nov 2005 — The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS" fileupload field. • https://www.exploit-db.com/exploits/26443 •
CVSS: 10.0EPSS: 3%CPEs: 65EXPL: 0CVE-2004-1019
https://notcve.org/view.php?id=CVE-2004-1019
22 Dec 2004 — The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results. El código de deserialización en PHP anteriores a 4.3.10 y PHP 5.x hasta 5.0.2 permite a atacantes remotos causar una denegación de servicio y ejecutar código de su elección mediante datos "no de confianza" ... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html • CWE-20: Improper Input Validation •