Page 59 of 461 results (0.022 seconds)

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0

PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625. PHP anterior a 5.2.5 permite a usuarios locales evitar mecanismos de protección configurados a través de php_admin_value o php_admin_flag en httpd.conf con la utilización de ini_set para modificar variables de configuración de su elección, un asunto diferente que CVE-2006-4625. • http://bugs.php.net/bug.php?id=41561 http://secunia.com/advisories/27648 http://secunia.com/advisories/27659 http://secunia.com/advisories/30040 http://securitytracker.com/id?1018934 http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242 http://www.php.net/ChangeLog-5.php#5.2.5 http://www.php.net/releases/5_2_5.php http://www.securityfocus.com/archive/1/491693/100/0/threaded https://issues.rpath.com/browse/RPL-1943 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1

The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control Compatibility Flags, executing programs via a function in compatUI.dll, invoking wscript.shell via wscript.exe, invoking Scripting.FileSystemObject via wshom.ocx, and adding users via a function in shgina.dll, related to the com_load_typelib function. Las funciones Component Object Model (COM) en PHP 5.x sobre Windows no siguen las restricciones safe_mode y disable_functions, lo cual permite a atacantes dependientes del contexto evitar las limitaciones intencionadas, como se demostró ejecutando objetos con el bit matar asignado en el correspondientes controlador ActiveX Compatibility Flags, ejecutando programas a través de una función en compatUI.dll, invocando wscript.shell a través de wscript.exe, invocando Scripting.FileSystemObject a través de wshom.ocx, y añadiendo usuarios a través de una función en shgina.dll, relacionado con la función com_load_typelib. • https://www.exploit-db.com/exploits/4553 http://secunia.com/advisories/27280 http://www.vupen.com/english/advisories/2007/3590 https://exchange.xforce.ibmcloud.com/vulnerabilities/37368 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using ini_alter when ini_set is disabled. La funcionalidad deshabilita_funciones de PHP 4 y 5 permite a atacantes remotos evitar restricciones intencionadas al utilizar alias, como se demuestra utilizando ini_alter cuando ini_set está deshabilitado. • http://securityreason.com/securityalert/3216 http://securityvulns.com/news/PHP/alias-pb.html http://securityvulns.ru/Sdocument67.html http://www.securityfocus.com/archive/1/482006/100/0/threaded •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

SimpNews 2.41.03 on Windows, when PHP before 5.0.0 is used, allows remote attackers to obtain sensitive information via an certain link_date parameter to events.php, which reveals the path in an error message due to an unsupported argument type for the mktime function on Windows. SimpNews 2.41.03 en Windows, al utilizar PHP anterior a 5.0.0, permite a atacantes remotos obtener información sensible mediante cierto parámetro link_date a events.php, lo cual revela la ruta en un mensaje de error debido a un tipo de argumento no soportado por la función mktime en Windows. • http://forum.boesch-it.de/viewtopic.php?t=2791 http://securityreason.com/securityalert/3174 http://www.netvigilance.com/advisory0068 http://www.securityfocus.com/archive/1/480588/100/0/threaded • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 0

The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997. La extensión MySQL de PHP 5.2.4 y versiones anteriores permite a atacantes remotos evitar las restricciones safe_mode y open_basedir mediante las funciones MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, y (3) INTO OUTFILE, asunto diferente de CVE-2007-3997. • http://securityreason.com/securityalert/3134 http://www.securityfocus.com/archive/1/479082/100/0/threaded http://www.securityfocus.com/archive/1/479187/100/200/threaded http://www.securityfocus.com/archive/1/479189/100/200/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/36555 •