Skip to main content
CVE-2014-4721 LOW POC Monitor

The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Information Disclosure Apache Debian Linux
NVD
CVSS 2.0
2.6
EPSS
9.9%
CVE-2014-4720 MEDIUM This Month

Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via vectors related to "backtracking. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service
NVD GitHub
CVSS 2.0
5.0
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy