PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.

Релизный цикл, информация об уязвимостях

Продукт: PHP

Вендор: php

График релизов

Недавние уязвимости PHP

Количество 3 883

CVE-2008-0599

почти 18 лет назад

The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.

CVSS3: 9.8

EPSS: Средний

CVE-2008-2050

почти 18 лет назад

Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP bef ...

CVSS2: 10

EPSS: Низкий

CVE-2008-0599

почти 18 лет назад

The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5. ...

CVSS3: 9.8

EPSS: Средний

CVE-2008-2051

почти 18 лет назад

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact ...

CVSS2: 10

EPSS: Низкий

CVE-2008-2050

почти 18 лет назад

Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.

CVSS2: 10

EPSS: Низкий

CVE-2008-0599

почти 18 лет назад

The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.

CVSS3: 9.8

EPSS: Средний

CVE-2008-2051

почти 18 лет назад

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."

CVSS2: 10

EPSS: Низкий

CVE-2008-2051

почти 18 лет назад

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."

EPSS: Низкий

CVE-2008-0599

почти 18 лет назад

The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.

CVSS2: 4.3

EPSS: Средний

CVE-2008-2050

почти 18 лет назад

Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2008-0599 The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.	CVSS3: 9.8	50% Средний	почти 18 лет назад
CVE-2008-2050 Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP bef ...	CVSS2: 10	7% Низкий	почти 18 лет назад
CVE-2008-0599 The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5. ...	CVSS3: 9.8	50% Средний	почти 18 лет назад
CVE-2008-2051 The escapeshellcmd API function in PHP before 5.2.6 has unknown impact ...	CVSS2: 10	6% Низкий	почти 18 лет назад
CVE-2008-2050 Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.	CVSS2: 10	7% Низкий	почти 18 лет назад
CVE-2008-0599 The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.	CVSS3: 9.8	50% Средний	почти 18 лет назад
CVE-2008-2051 The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."	CVSS2: 10	6% Низкий	почти 18 лет назад
CVE-2008-2051 The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."		6% Низкий	почти 18 лет назад
CVE-2008-0599 The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.	CVSS2: 4.3	50% Средний	почти 18 лет назад
CVE-2008-2050 Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.		7% Низкий	почти 18 лет назад

Уязвимостей на страницу