CVSS: 2.1EPSS: 0%CPEs: 30EXPL: 0CVE-2006-2660
https://notcve.org/view.php?id=CVE-2006-2660
Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the filename. • http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0209.html http://cvs.php.net/viewcvs.cgi/php-src/NEWS?view=markup&rev=1.1247.2.920.2.134 http://secunia.com/advisories/21125 http://securityreason.com/securityalert/1069 http://securitytracker.com/id?1016271 http://www.mandriva.com/security/advisories?name=MDKSA-2006:122 http://www.securityfocus.com/archive/1/436785/100/0/threaded http://www.ubuntu.com/usn/usn-320-1 https://exchange.xforce.ibmcloud.com/vulnerabilities •
CVSS: 2.6EPSS: 3%CPEs: 65EXPL: 3CVE-2006-1494 – PHP 4.x - 'tempnam() open_basedir' Restriction Bypass
https://notcve.org/view.php?id=CVE-2006-1494
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function. • https://www.exploit-db.com/exploits/27595 ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://rhn.redhat.com/errata/RHSA-2006-0549.html http://secunia.com/advisories/19599 http://secunia.com/advisories/19775 http://secunia.com/advisories/19979 http://secunia.com/advisories/21031 http://secunia.com/advisories/21125 http://secunia.com/advisories/21135 http://secunia.com/advisories/21202 http://secunia.com/advisories/21252 http://secunia.com/advisor •
CVSS: 2.1EPSS: 0%CPEs: 65EXPL: 3CVE-2006-1608 – PHP 4.x - 'copy() Safe_Mode' Bypass
https://notcve.org/view.php?id=CVE-2006-1608
The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI. • https://www.exploit-db.com/exploits/27596 http://secunia.com/advisories/19599 http://secunia.com/advisories/19775 http://secunia.com/advisories/21125 http://securityreason.com/achievement_securityalert/37 http://securityreason.com/securityalert/678 http://securitytracker.com/id?1015882 http://us.php.net/releases/5_1_3.php http://www.mandriva.com/security/advisories?name=MDKSA-2006:074 http://www.osvdb.org/24487 http://www.securityfocus.com/archive/1/430461/100/0/threaded ht •
CVSS: 5.0EPSS: 22%CPEs: 75EXPL: 1CVE-2006-1490 – PHP 4.x/5.x - 'Html_Entity_Decode()' Information Disclosure
https://notcve.org/view.php?id=CVE-2006-1490
PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to as a "memory leak," but it is an information leak that discloses memory contents. • https://www.exploit-db.com/exploits/27508 ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://bugs.gentoo.org/show_bug.cgi?id=127939 http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/html.c?r1=1.112&r2=1.113 http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/html.c?view=log http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://rhn.redhat.com/erra •
CVSS: 3.2EPSS: 0%CPEs: 30EXPL: 2CVE-2006-1014 – PHP 4.x/5.0/5.1 - 'mb_send_mail()' Restriction Bypass
https://notcve.org/view.php?id=CVE-2006-1014
Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent attackers to read and create arbitrary files by providing extra -C and -X arguments to sendmail. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE. • https://www.exploit-db.com/exploits/27335 http://secunia.com/advisories/18694 http://secunia.com/advisories/19979 http://www.novell.com/linux/security/advisories/05-05-2006.html http://www.osvdb.org/23534 http://www.securityfocus.com/archive/1/426342/100/0/threaded http://www.securityfocus.com/bid/16878 http://www.vupen.com/english/advisories/2006/0772 •