CVSS: 6.1EPSS: 0%CPEs: 109EXPL: 0CVE-2008-5814 – php: XSS via PHP error messages
https://notcve.org/view.php?id=CVE-2008-5814
02 Jan 2009 — Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208. Vulnerabilidad de Secuencias de Comandos en Sitios Cruzados (XSS) en PHP, posiblemente v5.2.7 y anteriores, cuando display_error está activada, permite a atacantes remotos inyectar secuencias de comandos Web o HTML a trav... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 2%CPEs: 33EXPL: 3CVE-2008-5498 – PHP 5.2.8 gd library - 'imageRotate()' Information Leak
https://notcve.org/view.php?id=CVE-2008-5498
26 Dec 2008 — Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image. Error de índice de array en la función imageRotate en PHP 5.2.8 y anteriores permite a atacantes dependientes del contexto leer los contenidos de posiciones de memoria de su elección mediante un valor manipulado del tercer argumento (también conocido ... • https://www.exploit-db.com/exploits/7646 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 14%CPEs: 49EXPL: 2CVE-2008-5557 – php: Heap-based buffer overflow in the mbstring extension via crafted string containing a HTML entity (arb code execution)
https://notcve.org/view.php?id=CVE-2008-5557
23 Dec 2008 — Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions. Desbordamiento de búfer basado en montículo en ext/mbstring/libmbfl/filters/mbfilter_htmlent.c... • http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0477.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 1CVE-2008-5658 – php: ZipArchive:: extractTo() Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2008-5658
17 Dec 2008 — Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences. Vulnerabilidad de salto de directorio en la función ZipArchive::extractTo de PHP 5.2.6 y anteriores, permite a atacantes dependientes del contexto escribir ficheros de su elección a través de un archivo ZIP con un fichero que contenga la secuencia .. (punto punto). • http://archives.neohapsis.com/archives/bugtraq/2008-12/0039.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 1%CPEs: 28EXPL: 1CVE-2008-5624
https://notcve.org/view.php?id=CVE-2008-5624
17 Dec 2008 — PHP 5 before 5.2.7 does not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function, which allows context-dependent attackers to bypass safe_mode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting of /etc for the error_log variable. PHP 5 en versiones anteriores a 5.2.7, no inicializa propiamente las variable page_uid y page_gid global para ser usadas por la función SAPI php_getuid, el cual permite a los ... • http://marc.info/?l=bugtraq&m=124654546101607&w=2 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 27EXPL: 2CVE-2008-5625 – PHP 5.2.6 - 'error_log' Safe_mode Bypass
https://notcve.org/view.php?id=CVE-2008-5625
17 Dec 2008 — PHP 5 before 5.2.7 does not enforce the error_log safe_mode restrictions when safe_mode is enabled through a php_admin_flag setting in httpd.conf, which allows context-dependent attackers to write to arbitrary files by placing a "php_value error_log" entry in a .htaccess file. PHP 5 versiones anteriores a 5.2.7 no cumple las restricciones error_log safe_mode cuando safe_mode está activado a través de un parámetro php_admin_flag en httpd.conf, el cual permite a los atacantes dependiente de contexto escribir ... • https://www.exploit-db.com/exploits/7171 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 1%CPEs: 64EXPL: 0CVE-2008-4107 – WordPress Core < 2.6.2 - Cryptographic Weakness
https://notcve.org/view.php?id=CVE-2008-4107
08 Sep 2008 — The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x and WordPress before 2.6.2, a different vulnerability than CVE-2008-2107, CVE-2008-2108, and CVE-2008-4102. Las funciones (1) rand y (2) mt_rand en PHP 5.2.6 no producen criptográficamente fuertes números aleator... • http://marc.info/?l=oss-security&m=122152830017099&w=2 • CWE-189: Numeric Errors CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.8EPSS: 14%CPEs: 16EXPL: 1CVE-2008-3658 – php: buffer overflow in the imageloadfont function in gd extension
https://notcve.org/view.php?id=CVE-2008-3658
15 Aug 2008 — Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. Un desbordamiento de búfer en la función imageloadfont en el archivo ext/gd/gd.c en PHP versiones 4.4.x anteriores a 4.4.9 y PHP versiones 5.2 anteriores a 5.2.6-r6, permite a los atacantes dependiendo del contexto causar una denegación de servicio (bloqueo) y pos... • http://bugs.gentoo.org/show_bug.cgi?id=234102 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 16%CPEs: 16EXPL: 0CVE-2008-3659
https://notcve.org/view.php?id=CVE-2008-3659
15 Aug 2008 — Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via the delimiter argument to the explode function. NOTE: the scope of this issue is limited since most applications would not use an attacker-controlled delimiter, but local attacks against safe_mode are feasible. Un desbordamiento de búfer en la función memnstr en versiones de PHP 4.4.x anteriores a 4.4.9 y e... • http://bugs.gentoo.org/show_bug.cgi?id=234102 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 5%CPEs: 16EXPL: 0CVE-2008-3660 – php: FastCGI module DoS via multiple dots preceding the extension
https://notcve.org/view.php?id=CVE-2008-3660
15 Aug 2008 — PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php. PHP 4.4.x en versiones anteriores a PHP 4.4.9 y 5.2.6 a través de 5.6, cuando se utiliza como un módulo FastCGI, permite a atacantes remotos provocar una denegación de servicio (con caida de la aplicación) a través de una solicitud con varios puntos precediendo a la extensión, como ... • http://bugs.gentoo.org/show_bug.cgi?id=234102 • CWE-20: Improper Input Validation •