PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.

Релизный цикл, информация об уязвимостях

Продукт: PHP

Вендор: php

График релизов

Недавние уязвимости PHP

Количество 3 756

CVE-2000-0860

больше 24 лет назад

The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.

CVSS2: 5

EPSS: Низкий

CVE-2000-0967

больше 24 лет назад

PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.

EPSS: Средний

CVE-2000-0059

больше 25 лет назад

PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.

CVSS2: 10

EPSS: Низкий

CVE-1999-0068

больше 27 лет назад

CGI PHP mylog script allows an attacker to read any file on the target server.

CVSS2: 7.5

EPSS: Низкий

CVE-1999-0238

почти 28 лет назад

php.cgi allows attackers to read any file on the system.

CVSS2: 10

EPSS: Низкий

CVE-1999-0058

около 28 лет назад

Buffer overflow in PHP cgi program, php.cgi allows shell access.

CVSS2: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2000-0860 The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.	CVSS2: 5	1% Низкий	больше 24 лет назад
CVE-2000-0967 PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.		27% Средний	больше 24 лет назад
CVE-2000-0059 PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.	CVSS2: 10	3% Низкий	больше 25 лет назад
CVE-1999-0068 CGI PHP mylog script allows an attacker to read any file on the target server.	CVSS2: 7.5	3% Низкий	больше 27 лет назад
CVE-1999-0238 php.cgi allows attackers to read any file on the system.	CVSS2: 10	2% Низкий	почти 28 лет назад
CVE-1999-0058 Buffer overflow in PHP cgi program, php.cgi allows shell access.	CVSS2: 7.5	1% Низкий	около 28 лет назад

Уязвимостей на страницу