CVSS: 9.8EPSS: 4%CPEs: 59EXPL: 0CVE-2007-2509 – php CRLF injection
https://notcve.org/view.php?id=CVE-2007-2509
09 May 2007 — CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands. Vulnerabilidad de inyección de retornos de carro y saltos de línea en la función ftp_putcmd de PHP versiones anteriores a 4.4.7, y 5.x anteriores a 5.2.2 permite a atacantes remotos inyectar comandos FTP de su elección mediante secuencias de retornos de carro y saltos de línea en los parámetros... • http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 4%CPEs: 59EXPL: 0CVE-2007-2510 – php make_http_soap_request flaw
https://notcve.org/view.php?id=CVE-2007-2510
09 May 2007 — Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and remote attack vectors, possibly related to "/" (slash) characters. Desbordamiento de búfer en la función make_http_soap_request de PHP anterior a 5.2.2 tiene impacto y vectores de ataque remotos desconocidos, posiblemente relacionados con caracteres "/" (barra o slash). • http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 45EXPL: 0CVE-2007-2511
https://notcve.org/view.php?id=CVE-2007-2511
09 May 2007 — Buffer overflow in the user_filter_factory_create function in PHP before 5.2.2 has unknown impact and local attack vectors. Desbordamiento de búfer en la función user_filter_factory_create de PHP anterior a 5.2.2 tiene impacto y vectores de ataque locales desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html •
CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 1CVE-2007-2369 – WebSPELL 4.01.02 - 'picture.php' File Disclosure
https://notcve.org/view.php?id=CVE-2007-2369
30 Apr 2007 — Directory traversal vulnerability in picture.php in WebSPELL 4.01.02 and earlier, when PHP before 4.3.0 is used, allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. Vulnerabilidad de salto de directorio en picture.php de WebSPELL 4.01.02 y anteriores, cuando se está utilizando PHP anterior a 4.3.0, permite a atacantes remotos leer ficheros de su elección mediante secuencias .. (punto punto) en el parámetro id. • https://www.exploit-db.com/exploits/3673 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2007-1900
https://notcve.org/view.php?id=CVE-2007-1900
10 Apr 2007 — CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent part of the address string. Vulnerabilidad de inyección CRLF (retorno de carro y nueva línea) en el filtro FILTER_VALIDATE_EMAIL en ext/filter de PHP 5.2.0 y 5.2.1 permite a atacantes locales o remotos dependiendo del contexto inyectar ... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 •
CVSS: 7.8EPSS: 0%CPEs: 67EXPL: 1CVE-2007-1883
https://notcve.org/view.php?id=CVE-2007-1883
06 Apr 2007 — PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters. PHP 4.0.0 hasta 4.4.6 y 5.0.0 hasta 5.2.1 permite a atacantes dependientes del contexto leer localizaciones de memoria de su elección a través de una interrupción que di... • http://secunia.com/advisories/24542 •
CVSS: 9.8EPSS: 0%CPEs: 77EXPL: 0CVE-2007-1884
https://notcve.org/view.php?id=CVE-2007-1884
06 Apr 2007 — Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary ... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 •
CVSS: 9.8EPSS: 1%CPEs: 66EXPL: 1CVE-2007-1885
https://notcve.org/view.php?id=CVE-2007-1885
06 Apr 2007 — Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. NOTE: this is probably the same issue as CVE-2007-0906.6. Desbordamiento de búfer en la función en PHP 4 anterior a 4.4.5 y PHP 5 anterior a 5.2.1 permite a atacantes dependientes del contexto ejecutar código de su elección a través de ... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-1886
https://notcve.org/view.php?id=CVE-2007-1886
06 Apr 2007 — Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow." Desbordamiento de enteros en la función str_replace del PHP 4.4.5 y PHP 5.2.1 permite a los atacantes dependientes del contexto tener un impacto desconocido mediante una cadena de búsqueda de un solo carácter en conjunción con una cadena de sus... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2007-1887
https://notcve.org/view.php?id=CVE-2007-1887
06 Apr 2007 — Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character. Desbordamiento de búfer en la función sqlite_decode_binary dentro de lo que es la libreria en PHP 4 anterior a 4.4.5 y PHP 5 anterior a 5.2.1 permite a atacantes dependientes del contexto ejecuta... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •