CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 4CVE-2007-4850 – PHP 5.2.5 - cURL 'safe_mode' Security Bypass
https://notcve.org/view.php?id=CVE-2007-4850
25 Jan 2008 — curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563. curl/interface.c en la librería cURL (también conocido como libcurl) en PHP 5.2.4 y 5.2.5 permite a atacantes dependientes de contexto evitar las restricciones safe_mode y open_basedir, y leer ficheros de su elección mediante una pe... • https://www.exploit-db.com/exploits/31053 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2008-0145
https://notcve.org/view.php?id=CVE-2008-0145
08 Jan 2008 — Unspecified vulnerability in glob in PHP before 4.4.8, when open_basedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-2007-4663. Vulnerabilidad no especificada en glob de PHP versiones anteriores a 4.4.8, cuando open_basedir está habilitado, tiene impacto desconocido y vectores de ataque. NOTA: esta vulnerabilidad existe debido a una regresión relativa a CVE-2007-4663. • http://bugs.php.net/bug.php?id=41655 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 2%CPEs: 1EXPL: 0CVE-2007-5899 – php session ID leakage
https://notcve.org/view.php?id=CVE-2007-5899
20 Nov 2007 — The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID. La función output_add_rewrite_var en PHP anterior a 5.2.5 rescribe formularios locales en los cuales el atributo ACTION referencia a una URL no local, lo caul permite a atacantes remotos obtener inf... • http://bugs.php.net/bug.php?id=42869 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2007-6039 – PHP 5.2.5 - Multiple GetText functions Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-6039
20 Nov 2007 — PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in (1) the domain parameter to the dgettext function, the message parameter to the (2) dcgettext or (3) gettext function, the msgid1 parameter to the (4) dngettext or (5) ngettext function, or (6) the classname parameter to the stream_wrapper_register function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can b... • https://www.exploit-db.com/exploits/30760 • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5900
https://notcve.org/view.php?id=CVE-2007-5900
20 Nov 2007 — PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625. PHP anterior a 5.2.5 permite a usuarios locales evitar mecanismos de protección configurados a través de php_admin_value o php_admin_flag en httpd.conf con la utilización de ini_set para modificar variables de configuración de su elección, un asunto diferente que CVE-2006-4625... • http://bugs.php.net/bug.php?id=41561 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-5898 – php htmlentities/htmlspecialchars multibyte sequences
https://notcve.org/view.php?id=CVE-2007-5898
20 Nov 2007 — The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465. Las funciones (1) htmlentities y (2) htmlspecialchars en PHP anterior a 5.2.5 acepta secuencias multibyte parciales, lo cual tiene un impacto desconocido y vectores de ataque, un asunto diferente que CVE-2006-5465. • http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2007-5653 – PHP 5.x COM - Safe Mode / disable_functions Bypass
https://notcve.org/view.php?id=CVE-2007-5653
23 Oct 2007 — The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control Compatibility Flags, executing programs via a function in compatUI.dll, invoking wscript.shell via wscript.exe, invoking Scripting.FileSystemObject via wshom.ocx, and adding users via a function in shgina.dll, related ... • https://www.exploit-db.com/exploits/4553 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2007-5447 – PHP 5.2.4 ionCube - 'ioncube_read_file' Safe Mode / disable_functions Bypass
https://notcve.org/view.php?id=CVE-2007-5447
14 Oct 2007 — ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function. ioncube_loader_win_5.2.dll en la extensión ionCube Loader 6.5 para PHP 5.2.4 no sigue las restricciones safe_mode y disable_functions, lo cual permite a atacantes locales o remotos (dependiendo del contexto) evitar las li... • https://www.exploit-db.com/exploits/4517 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5424
https://notcve.org/view.php?id=CVE-2007-5424
12 Oct 2007 — The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using ini_alter when ini_set is disabled. La funcionalidad deshabilita_funciones de PHP 4 y 5 permite a atacantes remotos evitar restricciones intencionadas al utilizar alias, como se demuestra utilizando ini_alter cuando ini_set está deshabilitado. • http://securityreason.com/securityalert/3216 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5128
https://notcve.org/view.php?id=CVE-2007-5128
27 Sep 2007 — SimpNews 2.41.03 on Windows, when PHP before 5.0.0 is used, allows remote attackers to obtain sensitive information via an certain link_date parameter to events.php, which reveals the path in an error message due to an unsupported argument type for the mktime function on Windows. SimpNews 2.41.03 en Windows, al utilizar PHP anterior a 5.0.0, permite a atacantes remotos obtener información sensible mediante cierto parámetro link_date a events.php, lo cual revela la ruta en un mensaje de error debido a un tip... • http://forum.boesch-it.de/viewtopic.php?t=2791 • CWE-20: Improper Input Validation •