Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0.3 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-25866
The package czproject/git-php prior to 4.0.3 are vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable($url, array $refs = NULL) function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that addition...
Git-php Project Git-php
8.8
CVSSv3
CVE-2021-21408
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.43 and 4.0.3, template authors could run restricted static php methods. Users should upgrade to version 3.1.43 or 4.0.3 to receive a patch.
Smarty Smarty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
9.8
CVSSv3
CVE-2019-19919
Versions of handlebars before 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an malicious user to execute arbitrary code through crafted payloads.
Handlebars.js Project Handlebars.js 1.0.6
Handlebars.js Project Handlebars.js 1.0.7
Handlebars.js Project Handlebars.js 1.0.8
Handlebars.js Project Handlebars.js 1.0.9
Handlebars.js Project Handlebars.js 1.0.10
Handlebars.js Project Handlebars.js 1.0.11
Handlebars.js Project Handlebars.js 1.0.12
Handlebars.js Project Handlebars.js 1.1.0
Handlebars.js Project Handlebars.js 1.1.1
Handlebars.js Project Handlebars.js 1.1.2
Handlebars.js Project Handlebars.js 1.2.0
Handlebars.js Project Handlebars.js 1.2.1
Handlebars.js Project Handlebars.js 1.3.0
Handlebars.js Project Handlebars.js 2.0.0
Handlebars.js Project Handlebars.js 3.0.0
Handlebars.js Project Handlebars.js 3.0.1
Handlebars.js Project Handlebars.js 3.0.2
Handlebars.js Project Handlebars.js 3.0.3
Handlebars.js Project Handlebars.js 4.0.0
Handlebars.js Project Handlebars.js 4.0.1
Handlebars.js Project Handlebars.js 4.0.2
Handlebars.js Project Handlebars.js 4.0.3
6.5
CVSSv3
CVE-2018-20626
PHP Scripts Mall Consumer Reviews Script 4.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.
Consumer Reviews Script Project Consumer Reviews Script 4.0.3
5.4
CVSSv3
CVE-2018-20627
PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box.
Consumer Reviews Script Project Consumer Reviews Script 4.0.3
7.2
CVSSv3
CVE-2014-9619
Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper prior to 3.1.10, 4.0.x prior to 4.0.9, and 4.1.x prior to 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP c...
Netsweeper Netsweeper 4.0.7
Netsweeper Netsweeper 4.0.5
Netsweeper Netsweeper 4.0.3
Netsweeper Netsweeper 4.0.2
Netsweeper Netsweeper 4.0.1
Netsweeper Netsweeper 4.0.0
Netsweeper Netsweeper 4.0.8
Netsweeper Netsweeper 4.0.6
Netsweeper Netsweeper 4.0.4
Netsweeper Netsweeper
Netsweeper Netsweeper 4.1.1
Netsweeper Netsweeper 4.1.0
1 EDB exploit
4.3
CVSSv3
CVE-2017-1002024
Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files.
Kindsoft Kind Editor 4.1.11
Kindsoft Kind Editor 4.1.9
Kindsoft Kind Editor 4.1.2
Kindsoft Kindeditor 4.1.12
Kindsoft Kind Editor 4.0.5
Kindsoft Kind Editor 4.0.4
Kindsoft Kind Editor 4.0.3
Kindsoft Kind Editor 4.0.2
Kindsoft Kind Editor 4.1.10
Kindsoft Kind Editor 4.1.8
Kindsoft Kind Editor 4.1.3
Kindsoft Kind Editor 4.1.1
Kindsoft Kind Editor 4.0.6
Kindsoft Kind Editor 4.0.1
Kindsoft Kind Editor
Kindsoft Kind Editor 4.1.7
Kindsoft Kind Editor 4.1.6
Kindsoft Kind Editor 4.1.5
Kindsoft Kind Editor 4.1.4
Kindsoft Kind Editor 4.1
Kindsoft Kind Editor 4.0
8.8
CVSSv3
CVE-2017-10993
Contao prior to 3.5.28 and 4.x prior to 4.4.1 allows remote malicious users to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal.
Contao Contao Cms 4.3.1
Contao Contao Cms 4.3.2
Contao Contao Cms 4.3.3
Contao Contao Cms 4.3.5
Contao Contao Cms 4.2.0
Contao Contao Cms 4.1.1
Contao Contao Cms
Contao Contao Cms 4.3.10
Contao Contao Cms 4.3.11
Contao Contao Cms 4.3.0
Contao Contao Cms 4.1.0
Contao Contao Cms 4.0.1
Contao Contao Cms 4.0.2
Contao Contao Cms 4.0.3
Contao Contao Cms 4.4.0
Contao Contao Cms 4.3.6
Contao Contao Cms 4.3.8
Contao Contao Cms 4.2.2
Contao Contao Cms 4.2.4
Contao Contao Cms 4.1.3
Contao Contao Cms 4.0.4
Contao Contao Cms 4.0.0
6.1
CVSSv3
CVE-2017-5963
An issue exists in caddy (for TYPO3) prior to 7.2.10. The vulnerability exists due to insufficient filtration of user-supplied data in the "paymillToken" HTTP POST parameter passed to the "caddy/Resources/Public/JavaScript/e-payment/paymill/api/php/payment.php"...
Caddy Project Caddy 2.1.4
Caddy Project Caddy 4.0.1
Caddy Project Caddy 4.0.3
Caddy Project Caddy 6.0.1
Caddy Project Caddy 6.1.0
Caddy Project Caddy 6.3.0
Caddy Project Caddy 6.0.2
Caddy Project Caddy 6.0.9
Caddy Project Caddy 6.0.12
Caddy Project Caddy 6.0.14
Caddy Project Caddy 2.1.5
Caddy Project Caddy 2.1.6
Caddy Project Caddy 3.0.0
Caddy Project Caddy 4.0.0
Caddy Project Caddy 6.3.3
Caddy Project Caddy 7.0.0
Caddy Project Caddy 7.1.0
Caddy Project Caddy 7.2.7
Caddy Project Caddy 4.0.2
Caddy Project Caddy 4.0.12
Caddy Project Caddy 6.2.1
Caddy Project Caddy 6.3.1
8.8
CVSSv3
CVE-2016-6609
An issue exists in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (before 4.6.4), 4.4.x versions (before 4.4.15.8), and 4.0.x versions (before 4.0.10.17) are affected.
Phpmyadmin Phpmyadmin 4.4.15.7
Phpmyadmin Phpmyadmin 4.4.15.6
Phpmyadmin Phpmyadmin 4.4.14
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.4.15.2
Phpmyadmin Phpmyadmin 4.4.15.1
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.15.5
Phpmyadmin Phpmyadmin 4.4.15.4
Phpmyadmin Phpmyadmin 4.4.15.3
Phpmyadmin Phpmyadmin 4.4.13
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.15
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »