Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.3.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5201
The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the [ph...
Rickbeckman Openhook
578
VMScore
CVE-2021-37626
Contao is an open source CMS that allows you to create websites and scalable web applications. In affected versions it is possible to load PHP files by entering insert tags in the Contao back end. Installations are only affected if they have untrusted back end users who have the ...
Contao Contao 4.0.0
Contao Contao 4.1.0
Contao Contao 4.2.0
Contao Contao 4.3.0
Contao Contao
Contao Contao 4.5.0
Contao Contao 4.6.0
Contao Contao 4.7.0
Contao Contao 4.8.0
Contao Contao 4.10.0
668
VMScore
CVE-2019-19919
Versions of handlebars before 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an malicious user to execute arbitrary code through crafted payloads.
Handlebars.js Project Handlebars.js 1.0.6
Handlebars.js Project Handlebars.js 1.0.7
Handlebars.js Project Handlebars.js 1.0.8
Handlebars.js Project Handlebars.js 1.0.9
Handlebars.js Project Handlebars.js 1.0.10
Handlebars.js Project Handlebars.js 1.0.11
Handlebars.js Project Handlebars.js 1.0.12
Handlebars.js Project Handlebars.js 1.1.0
Handlebars.js Project Handlebars.js 1.1.1
Handlebars.js Project Handlebars.js 1.1.2
Handlebars.js Project Handlebars.js 1.2.0
Handlebars.js Project Handlebars.js 1.2.1
Handlebars.js Project Handlebars.js 1.3.0
Handlebars.js Project Handlebars.js 2.0.0
Handlebars.js Project Handlebars.js 3.0.0
Handlebars.js Project Handlebars.js 3.0.1
Handlebars.js Project Handlebars.js 3.0.2
Handlebars.js Project Handlebars.js 3.0.3
Handlebars.js Project Handlebars.js 4.0.0
Handlebars.js Project Handlebars.js 4.0.1
Handlebars.js Project Handlebars.js 4.0.2
Handlebars.js Project Handlebars.js 4.0.3
605
VMScore
CVE-2019-18887
An issue exists in Symfony 2.8.0 up to and including 2.8.50, 3.4.0 up to and including 3.4.34, 4.2.0 up to and including 4.2.11, and 4.3.0 up to and including 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
Sensiolabs Symfony
Fedoraproject Fedora 30
Fedoraproject Fedora 31
445
VMScore
CVE-2019-18888
An issue exists in Symfony 2.8.0 up to and including 2.8.50, 3.4.0 up to and including 3.4.34, 4.2.0 up to and including 4.2.11, and 4.3.0 up to and including 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbi...
Sensiolabs Symfony
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
668
VMScore
CVE-2019-18889
An issue exists in Symfony 3.4.0 up to and including 3.4.34, 4.2.0 up to and including 4.2.11, and 4.3.0 up to and including 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.
Sensiolabs Symfony
Fedoraproject Fedora 31
1 Github repository
668
VMScore
CVE-2019-3570
Call to the scrypt_enc() function in HHVM can lead to heap corruption by using specifically crafted parameters (N, r and p). This happens if the parameters are configurable by an attacker for instance by providing the output of scrypt_enc() in a context where Hack/PHP code would ...
Facebook Hiphop Virtual Machine 4.4.0
Facebook Hiphop Virtual Machine 4.5.0
Facebook Hiphop Virtual Machine 4.6.0
Facebook Hiphop Virtual Machine 4.7.0
Facebook Hiphop Virtual Machine 4.1.0
Facebook Hiphop Virtual Machine 4.3.0
Facebook Hiphop Virtual Machine 4.8.0
Facebook Hiphop Virtual Machine 4.2.0
Facebook Hiphop Virtual Machine
580
VMScore
CVE-2017-10993
Contao prior to 3.5.28 and 4.x prior to 4.4.1 allows remote malicious users to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal.
Contao Contao Cms 4.3.1
Contao Contao Cms 4.3.2
Contao Contao Cms 4.3.3
Contao Contao Cms 4.3.5
Contao Contao Cms 4.2.0
Contao Contao Cms 4.1.1
Contao Contao Cms
Contao Contao Cms 4.3.10
Contao Contao Cms 4.3.11
Contao Contao Cms 4.3.0
Contao Contao Cms 4.1.0
Contao Contao Cms 4.0.1
Contao Contao Cms 4.0.2
Contao Contao Cms 4.0.3
Contao Contao Cms 4.4.0
Contao Contao Cms 4.3.6
Contao Contao Cms 4.3.8
Contao Contao Cms 4.2.2
Contao Contao Cms 4.2.4
Contao Contao Cms 4.1.3
Contao Contao Cms 4.0.4
Contao Contao Cms 4.0.0
445
VMScore
CVE-2017-8050
Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unauthorized manipulation of the admin password.
Tenable Appliance
1000
VMScore
CVE-2017-8051
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands.
Tenable Appliance 3.10.0
Tenable Appliance 4.0.0
Tenable Appliance 4.4.0
Tenable Appliance 3.5.0
Tenable Appliance 4.1.0
Tenable Appliance 4.2.0
Tenable Appliance 4.3.0
Tenable Appliance 4.3.1
Tenable Appliance 3.5.1
Tenable Appliance 3.10.1
Tenable Appliance 3.4.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »