Vulnerabilities > PHP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-01-12 | CVE-2001-1385 | The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts. | 5.0 |
| 2000-12-19 | CVE-2000-0967 | Unspecified vulnerability in PHP 3.0/4.0 PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs. | 10.0 |
| 2000-11-14 | CVE-2000-0860 | Unspecified vulnerability in PHP The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables. | 5.0 |
| 2000-01-04 | CVE-2000-0059 | Unspecified vulnerability in PHP PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands. | 10.0 |
| 1997-10-19 | CVE-1999-0068 | Unspecified vulnerability in PHP 1.0/2.0/2.0B10 CGI PHP mylog script allows an attacker to read any file on the target server. | 7.5 |
| 1997-10-16 | CVE-1999-0346 | Unspecified vulnerability in PHP FI CGI PHP mlog script allows an attacker to read any file on the target server. | 5.0 |
| 1997-08-01 | CVE-1999-0238 | Unspecified vulnerability in PHP 1.0/2.0/2.0B10 php.cgi allows attackers to read any file on the system. | 10.0 |
| 1997-04-17 | CVE-1999-0058 | Unspecified vulnerability in PHP 1.0/2.0B10 Buffer overflow in PHP cgi program, php.cgi allows shell access. | 7.5 |