Every CVE whose affected-product data names Php Pear, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2006-0144 — CVSS 7.5 (high): The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code…
CVE-2017-5630 — CVSS 7.5 (high): PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a…
CVE-2005-4154 — CVSS 5.1 (medium): Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows user-assisted attackers to execute arbitrary code via a crafted…
CVE-2011-1072 — CVSS 3.3 (low): The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to…
CVE-2011-1144 — CVSS 3.3 (low): The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file…