Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.3.9 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-0524
The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote malicious users to cause a denial of service (infinite loop) via a -8 size value.
Php Php 4.2.2
Php Php 4.3.10
Php Php 4.3.9
Php Php 5.0.3
5
CVSSv2
CVE-2005-0525
The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote malicious users to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length ...
Php Php 4.3.9
Php Php 5.0.3
Php Php 4.2.2
Php Php 4.3.10
5
CVSSv2
CVE-2004-1020
The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote malicious users to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected b...
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 4.3.6
Php Php 4.3.9
Php Php 5.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2005-1042
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP prior to 4.3.11 may allow remote malicious users to execute arbitrary code via an IFD tag that leads to a negative byte count.
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.3.0
Php Php 4.3.6
Php Php 4.3.7
3.2
CVSSv2
CVE-2006-1014
Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent malicious users to read and create arbitrary files by pr...
Php Php 4.2
Php Php 4.3.11
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 4.0.0
Php Php 4.3.6
Php Php 4.3.7
Php Php 5.0.4
Php Php 5.0.5
Php Php 4.3.4
Php Php 4.3.5
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
1 EDB exploit
2.6
CVSSv2
CVE-2007-2727
The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP prior to 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-depen...
Php Php 4.3.9
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 4.3.6
Php Php 4.0.7
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.2.2
Php Php 4.0.3
Php Php 4.3.7
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.0.1
Php Php 4.3.3
Php Php 4.1.1
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.0.2
5
CVSSv2
CVE-2005-3353
The exif_read_data function in the Exif module in PHP prior to 4.4.1 allows remote malicious users to cause a denial of service (infinite loop) via a malformed JPEG image.
Php Php 4.0.0
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.0.3
5
CVSSv2
CVE-2005-3883
CRLF injection vulnerability in the mb_send_mail function in PHP prior to 5.1.0 might allow remote malicious users to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0.4
Php Php 5.0.5
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 5.0.0
2.1
CVSSv2
CVE-2006-2660
Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x prior to 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from be...
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.2.3
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
Php Php 5.1.4
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 4.4.3
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
2.6
CVSSv2
CVE-2006-0208
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote malicious users to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting...
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.1.0
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0.0
Php Php 5.1.0
Php Php 5.1.1
Php Php 4.0.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.1
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »