Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.4.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0754
PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the...
Php Php 5.1.6
Php Php 4.4.4
1 EDB exploit
NA
CVE-2007-1710
The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent malicious users to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a &qu...
Php Php 4.4.4
Php Php 5.1.6
Php Php 5.2.1
NA
CVE-2007-1287
A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and PHP 6.0 in CVS, allows remote malicious users to conduct cross-site scripting (XSS) attacks via GET, POST, or COOKIE array values, which are not escaped in the phpinfo output, as originally fixed for CVE-2005-3...
Php Php 4.4.6
Php Php 6.0
Php Php 4.4.4
Php Php 4.4.5
1 EDB exploit
NA
CVE-2008-3658
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x prior to 4.4.9 and PHP 5.2 prior to 5.2.6-r6 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.2.0
Php Php 5.2.1
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.2.2
Php Php 5.2.3
Php Php 4.4.4
Php Php 4.4.5
Php Php 4.4.6
Php Php 5.2.4
Php Php 5.2.5
Php Php 4.4.7
Php Php 4.4.8
Php Php 5.2.6
NA
CVE-2008-3659
Buffer overflow in the memnstr function in PHP 4.4.x prior to 4.4.9 and PHP 5.6 up to and including 5.2.6 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the delimiter argument to the explode function. NOTE: th...
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.8
Php Php 5.2.0
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 4.4.4
Php Php 4.4.5
Php Php 5.2.4
Php Php 5.2.5
Php Php 4.4.6
Php Php 4.4.7
Php Php 5.2.6
NA
CVE-2008-3660
PHP 4.4.x prior to 4.4.9, and 5.x up to and including 5.2.6, when used as a FastCGI module, allows remote malicious users to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php.
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.8
Php Php 5.2.0
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.2.1
Php Php 5.2.2
Php Php 4.4.4
Php Php 4.4.5
Php Php 5.2.3
Php Php 5.2.4
Php Php 4.4.6
Php Php 4.4.7
Php Php 5.2.5
Php Php 5.2.6
NA
CVE-2006-7087
CRLF injection vulnerability in the mail function in Dotdeb PHP prior to 5.2.0 Rev 3 allows remote malicious users to bypass the protection scheme and inject arbitrary email headers via CRLF sequences in the query string, which is processed via the PHP_SELF variable.
Dotdeb Dotdeb Php 4.4
Dotdeb Dotdeb Php 5.0
Dotdeb Dotdeb Php 5.1
Dotdeb Dotdeb Php 5.2
Dotdeb Dotdeb Php 4.4.3
Dotdeb Dotdeb Php 4.4.4
NA
CVE-2007-1777
Integer overflow in the zip_read_entry function in PHP 4 prior to 4.4.5 allows remote malicious users to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overfl...
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.18
Php Php 3.0.2
Php Php 3.0.9
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.3
Php Php 3.0.4
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.0
Php Php 4.2.1
1 EDB exploit
NA
CVE-2006-3017
zend_hash_del_key_or_index in zend_hash.c in PHP prior to 4.4.3 and 5.x prior to 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be use...
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 3.0
Php Php 3.0.15
Php Php 3.0.16
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.2
NA
CVE-2007-2511
Buffer overflow in the user_filter_factory_create function in PHP prior to 5.2.2 has unknown impact and local attack vectors.
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.4.4
Php Php 4.4.5
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »