Search

View CVE
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)

Final del formulario

Log In Register
Vulnerability Feeds & WidgetsNew www.itsecdb.com

Switch to
PHP » PHP » 5.2.3 : Security Vulnerabilities (Directory Traversal)
https://HomeBrowse : Cpe Name:cpe:/a:php:php:5.2.3

VendorsProductsVulnerabilities CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

By DateVulnerabilities By Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Numbe
Copy Results Download Results
TypeReports :

CVSS Score ReportCVSS # CVE ID CWE # of Vulnerability Publish Up

ID Exploits Type(s) Date D
Score DistributionSearch :

Vendor SearchProduct
SearchVersion
SearchVulnerability SearchBy
1 CVE-2012-1172 20 DoS Dir. Trav. 2012-05-23 201
The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle
denial of service (malformed $_FILES indexes) or conduct directory traversal attacks durin

Microsoft ReferencesTop 50 : 2 CVE-2008-5658 22 Dir. Trav. 2008-12-17 201

VendorsVendor Cvss
ScoresProductsProduct Cvss
ScoresVersionsOther :
Microsoft BulletinsBugtraq
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and ear
dot) sequences.
3 CVE-2008-2666 22 Dir. Trav. Bypass 2008-06-19 201
Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependen
slash) sequences in an http URL argument to the (1) chdir or (2) ftok function.

EntriesCWE DefinitionsAbout & 4 CVE-2007-4825 22 Exec Code Dir. 2007-09-11 201

Trav. Bypass
ContactFeedbackCVE
Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_
HelpFAQArticlesExternal

Links : 5 CVE-2007-4663 22 Dir. Trav. Bypass 2007-09-04 201

Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_base
NVD WebsiteCWE Web Site
Principio del formulario Total number of vulnerabilities : 5 Page : 1 (This Page)
View CVE :
Go

(e.g.: CVE-2009-1234
or 2010-1234 or
20101234)
 Principio del formulario
View BID :
Go

(e.g.: 12345)
Principio del formulario
Search By Microsoft
Reference ID:
Go

(e.g.: ms10-001 or
979352)
How does it work? Known limitations & technical details User agreement, disclaimer and privacy statement About
& Contact Feedback
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site.
CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web
site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's
OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise,
with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to
evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL
BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF
ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.