Vulmon
php php 4.0.3 vulnerabilities and exploits
7.5
CVSSv2
CVE-2022-25866
Versions of the package czproject/git-php prior to 4.0.3 are vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable($url, array $refs = NULL) function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that addition...
Git-php Project Git-php
6.5
CVSSv2
CVE-2021-21408
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch.
Smarty Smarty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
7.5
CVSSv2
CVE-2019-19919
Versions of handlebars before 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow a malicious user to execute arbitrary code through crafted payloads.
Handlebars.js Project Handlebars.js 1.0.6
Handlebars.js Project Handlebars.js 1.0.7
Handlebars.js Project Handlebars.js 1.0.8
Handlebars.js Project Handlebars.js 1.0.9
Handlebars.js Project Handlebars.js 1.0.10
Handlebars.js Project Handlebars.js 1.0.11
Handlebars.js Project Handlebars.js 1.0.12
Handlebars.js Project Handlebars.js 1.1.0
Handlebars.js Project Handlebars.js 1.1.1
Handlebars.js Project Handlebars.js 1.1.2
Handlebars.js Project Handlebars.js 1.2.0
Handlebars.js Project Handlebars.js 1.2.1
Handlebars.js Project Handlebars.js 1.3.0
Handlebars.js Project Handlebars.js 2.0.0
Handlebars.js Project Handlebars.js 3.0.0
Handlebars.js Project Handlebars.js 3.0.1
Handlebars.js Project Handlebars.js 3.0.2
Handlebars.js Project Handlebars.js 3.0.3
Handlebars.js Project Handlebars.js 4.0.0
Handlebars.js Project Handlebars.js 4.0.1
Handlebars.js Project Handlebars.js 4.0.2
Handlebars.js Project Handlebars.js 4.0.3
4
CVSSv2
CVE-2018-20626
PHP Scripts Mall Consumer Reviews Script 4.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.
Consumer Reviews Script Project Consumer Reviews Script 4.0.3
3.5
CVSSv2
CVE-2018-20627
PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box.
Consumer Reviews Script Project Consumer Reviews Script 4.0.3
6.5
CVSSv2
CVE-2014-9619
Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper prior to 3.1.10, 4.0.x prior to 4.0.9, and 4.1.x prior to 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP c...
Netsweeper Netsweeper 4.0.7
Netsweeper Netsweeper 4.0.5
Netsweeper Netsweeper 4.0.3
Netsweeper Netsweeper 4.0.2
Netsweeper Netsweeper 4.0.1
Netsweeper Netsweeper 4.0.0
Netsweeper Netsweeper 4.0.8
Netsweeper Netsweeper 4.0.6
Netsweeper Netsweeper 4.0.4
Netsweeper Netsweeper
Netsweeper Netsweeper 4.1.1
Netsweeper Netsweeper 4.1.0
1 EDB exploit
4
CVSSv2
CVE-2017-1002024
Vulnerability in the web application Kind Editor v4.1.12: kindeditor/php/upload_json.php does not check authentication before allowing users to upload files.
Kindsoft Kind Editor 4.1.11
Kindsoft Kind Editor 4.1.9
Kindsoft Kind Editor 4.1.2
Kindsoft Kindeditor 4.1.12
Kindsoft Kind Editor 4.0.5
Kindsoft Kind Editor 4.0.4
Kindsoft Kind Editor 4.0.3
Kindsoft Kind Editor 4.0.2
Kindsoft Kind Editor 4.1.10
Kindsoft Kind Editor 4.1.8
Kindsoft Kind Editor 4.1.3
Kindsoft Kind Editor 4.1.1
Kindsoft Kind Editor 4.0.6
Kindsoft Kind Editor 4.0.1
Kindsoft Kind Editor
Kindsoft Kind Editor 4.1.7
Kindsoft Kind Editor 4.1.6
Kindsoft Kind Editor 4.1.5
Kindsoft Kind Editor 4.1.4
Kindsoft Kind Editor 4.1
Kindsoft Kind Editor 4.0
6.5
CVSSv2
CVE-2017-10993
Contao prior to 3.5.28 and 4.x prior to 4.4.1 allows remote malicious users to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal.
Contao Contao Cms 4.3.1
Contao Contao Cms 4.3.2
Contao Contao Cms 4.3.3
Contao Contao Cms 4.3.5
Contao Contao Cms 4.2.0
Contao Contao Cms 4.1.1
Contao Contao Cms
Contao Contao Cms 4.3.10
Contao Contao Cms 4.3.11
Contao Contao Cms 4.3.0
Contao Contao Cms 4.1.0
Contao Contao Cms 4.0.1
Contao Contao Cms 4.0.2
Contao Contao Cms 4.0.3
Contao Contao Cms 4.4.0
Contao Contao Cms 4.3.6
Contao Contao Cms 4.3.8
Contao Contao Cms 4.2.2
Contao Contao Cms 4.2.4
Contao Contao Cms 4.1.3
Contao Contao Cms 4.0.4
Contao Contao Cms 4.0.0
4.3
CVSSv2
CVE-2017-5963
An issue exists in caddy (for TYPO3) prior to 7.2.10. The vulnerability exists due to insufficient filtration of user-supplied data in the "paymillToken" HTTP POST parameter passed to the "caddy/Resources/Public/JavaScript/e-payment/paymill/api/php/payment.php"...
Caddy Project Caddy 2.1.4
Caddy Project Caddy 4.0.1
Caddy Project Caddy 4.0.3
Caddy Project Caddy 6.0.1
Caddy Project Caddy 6.1.0
Caddy Project Caddy 6.3.0
Caddy Project Caddy 6.0.2
Caddy Project Caddy 6.0.9
Caddy Project Caddy 6.0.12
Caddy Project Caddy 6.0.14
Caddy Project Caddy 2.1.5
Caddy Project Caddy 2.1.6
Caddy Project Caddy 3.0.0
Caddy Project Caddy 4.0.0
Caddy Project Caddy 6.3.3
Caddy Project Caddy 7.0.0
Caddy Project Caddy 7.1.0
Caddy Project Caddy 7.2.7
Caddy Project Caddy 4.0.2
Caddy Project Caddy 4.0.12
Caddy Project Caddy 6.2.1
Caddy Project Caddy 6.3.1
6.5
CVSSv2
CVE-2016-6609
An issue exists in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (before 4.6.4), 4.4.x versions (before 4.4.15.8), and 4.0.x versions (before 4.0.10.17) are affected.
Phpmyadmin Phpmyadmin 4.4.15.7
Phpmyadmin Phpmyadmin 4.4.15.6
Phpmyadmin Phpmyadmin 4.4.14
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.4.15.2
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.15.5
Phpmyadmin Phpmyadmin 4.4.15.4
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.13
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.15