Vulnerabilities > PHP > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-10-27 | CVE-2005-3319 | Local Denial of Service vulnerability in PHP Apache 2 The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost. | 2.1 |
2005-09-26 | CVE-2005-3054 | Unspecified vulnerability in PHP 4.4.0 fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory. | 2.1 |
2005-05-02 | CVE-2005-0596 | Denial Of Service vulnerability in PHP 4.0 PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size. | 2.1 |
2004-11-03 | CVE-2004-0959 | Unspecified vulnerability in PHP rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified. | 2.1 |
2002-03-25 | CVE-2002-0121 | Local Information Disclosure vulnerability in PHP4 Session Files PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections. | 2.1 |