php check safe mode include dir software vulnerabilities
vulnerabilities.aspcode.net
Searching php check safe mode include dir software vulnerabilities
Safe Mode feature (safe_mode) in PHP 3.0 throug
feature
|
Mode
|
Safe
|
Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when ru
PHP
|
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
The safe mode checks in PHP 4.x to 4.3.9 and PH
checks
|
mode
|
safe
|
PHP
|
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
The exec_dir PHP patch (php-exec-dir) 4.3.2 thr
exec_dir
|
patch
|
PHP
|
The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mode disabled allows remote attackers to bypass restrictions and execute arbitrary commands via a backtick operator, which is not handled using the php_escape_shell_cmd function.
PHP remote file inclusion vulnerability in main
vulnerability
|
include_dir
|
parameter
|
attackers
|
arbitrary
|
inclusion
|
osTicket
|
mainphp
|
execute
|
remote
|
allows
|
code
|
file
|
PHP
|
via
|
PHP remote file inclusion vulnerability in main.php in osTicket allows remote attackers to execute arbitrary PHP code via the include_dir parameter.
Multiple vulnerabilities in PHP before 4.4.1 al
vulnerabilities
|
Multiple
|
before
|
PHP
|
Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.
Unspecified vulnerability in PHP before 4.4.1,
vulnerability
|
Unspecified
|
before
|
PHP
|
Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
The c-client library 2000, 2001, or 2004 for PH
c-client
|
library
|
The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions.
PHP remote file include vulnerability in PageCo
KnowledgebasePublisher
|
PageControllerphp
|
vulnerability
|
parameter
|
arbitrary
|
attackers
|
execute
|
include
|
remote
|
allows
|
code
|
file
|
dir
|
PHP
|
via
|
URL
|
PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter.
The copy function in file.c in PHP 4.4.2 and 5.
function
|
filec
|
copy
|
PHP
|
The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.
The cURL library (libcurl) in PHP 4.4.2 and 5.1
library
|
cURL
|
The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters.
The error_log function in basic_functions.c in
basic_functionsc
|
error_log
|
function
|
before
|
PHP
|
The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.
The (1) file_exists and (2) imap_reopen functio
The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017.
PHP remote file inclusion vulnerability in open
vulnerability
|
open_formphp
|
include_dir
|
attackers
|
parameter
|
arbitrary
|
inclusion
|
osTicket
|
execute
|
remote
|
allows
|
code
|
file
|
PHP
|
via
|
URL
|
PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter.
PHP before 5.2.1 allows attackers to bypass saf
before
|
PHP
|
PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.
The PHP COM extensions for PHP on Windows syste
context-dependent
|
WScriptShell
|
demonstrated
|
extensions
|
arbitrary
|
attackers
|
bypasses
|
execute
|
systems
|
Windows
|
method
|
cmdexe
|
object
|
allow
|
PHP's
|
which
|
using
|
mode
|
safe
|
code
|
PHP
|
Run
|
via
|
The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode.
Multiple PHP remote file inclusion vulnerabilit
inc/include_allincphp
|
vulnerabilities
|
phporacleview
|
attackers
|
inclusion
|
arbitrary
|
Multiple
|
execute
|
remote
|
allow
|
code
|
file
|
URL
|
via
|
PHP
|
Multiple PHP remote file inclusion vulnerabilities in inc/include_all.inc.php in phporacleview allow remote attackers to execute arbitrary PHP code via a URL in the (1) page_dir or (2) inc_dir parameters.
The win32std extension in PHP 5.2.3 does not fo
extension
|
win32std
|
PHP
|
The win32std extension in PHP 5.2.3 does not follow safe_mode and disable_functions restrictions, which allows remote attackers to execute arbitrary commands via the win_shell_execute function.
The perl extension in PHP does not follow safe_
context-dependent
|
restrictions
|
attackers
|
safe_mode
|
arbitrary
|
extension
|
function
|
execute
|
allows
|
follow
|
which
|
eval
|
code
|
perl
|
does
|
via
|
not
|
PHP
|
The perl extension in PHP does not follow safe_mode restrictions, which allows context-dependent attackers to execute arbitrary code via the Perl eval function. NOTE: this might only be a vulnerability in limited environments.
The MySQL extension in PHP 5.2.4 and earlier al
extension
|
MySQL
|
PHP
|
The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
Software vulnerabilities results 1 to 20 of 3604
Page:
1
2
3
4
5
...
181
►