Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.4.8 vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2012-2376
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and previous versions on Windows allows remote malicious users to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.
Php Php 5.4.2
Php Php 5.4.1
Php Php 5.3.2
Php Php 5.2.8
Php Php 5.2.6
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.3.6
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.3.3
Php Php 5.2.7
Php Php 5.2.14
Php Php 4.3.10
Php Php 4.2.1
Php Php 4.2.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.9
Php Php 4.3.0
Php Php 4.0.6
1 EDB exploit
890
VMScore
CVE-2012-2688
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP prior to 5.3.15 and 5.4.x prior to 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
Php Php
Php Php 5.3.1
Php Php 5.3.7
Php Php 5.3.12
Php Php 5.3.8
Php Php 5.3.11
Php Php 5.3.4
Php Php 5.3.3
Php Php 5.3.0
Php Php 5.3.2
Php Php 5.3.10
Php Php 5.2.15
Php Php 5.2.11
Php Php 5.2.7
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.5
Php Php 5.0.5
Php Php 5.0.2
Php Php 5.0.1
Php Php 4.3.2
Php Php 4.3.11
890
VMScore
CVE-2011-3268
Buffer overflow in the crypt function in PHP prior to 5.3.7 allows context-dependent malicious users to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483.
Php Php 4.3.11
Php Php 4.3.4
Php Php 4.2.2
Php Php 4.3.10
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.2.0
Php Php 4.2.3
Php Php 4.3.7
Php Php 5.2.11
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.1
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.2.10
Php Php 5.2.4
Php Php 3.0.1
Php Php 3.0
890
VMScore
CVE-2009-4143
PHP prior to 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive.
Php Php 4.3.11
Php Php 4.3.4
Php Php 4.2.3
Php Php 4.2.2
Php Php 5.0
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 2.0b10
Php Php 2.0
Php Php 3.0.10
Php Php 3.0.13
Php Php 3.0.15
Php Php 3.0.14
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0
Php Php 4.0.7
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.2.2
Php Php 5.2.3
890
VMScore
CVE-2008-5557
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 up to and including 5.2.6 allows context-dependent malicious users to execute arbitrary code via a crafted string containing an HTML entity, which is not properly ...
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.0
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 4.3.1
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.8
Php Php 4.4.9
Php Php 4.4.1
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.2.0
Php Php 5.2.1
771
VMScore
CVE-2012-2311
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote malicious users to execute arbitrary code b...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
2 Github repositories
756
VMScore
CVE-2016-5734
phpMyAdmin 4.0.x prior to 4.0.10.16, 4.4.x prior to 4.4.15.7, and 4.6.x prior to 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote malicious users to execute arbitrary PHP code via a crafted string, as dem...
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.4.1
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.10.5
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.10.9
Phpmyadmin Phpmyadmin 4.0.10.2
Phpmyadmin Phpmyadmin 4.0.10.14
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.10.11
Phpmyadmin Phpmyadmin 4.0.10.10
Phpmyadmin Phpmyadmin 4.0.10.15
Phpmyadmin Phpmyadmin 4.0.4
Phpmyadmin Phpmyadmin 4.0.3
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.10.3
Phpmyadmin Phpmyadmin 4.0.10.1
Phpmyadmin Phpmyadmin 4.0.10
1 EDB exploit
4 Github repositories
755
VMScore
CVE-2011-1092
Integer overflow in ext/shmop/shmop.c in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.0
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.1
Php Php 3.0
Php Php 3.0.17
1 EDB exploit
755
VMScore
CVE-2009-4018
The proc_open function in ext/standard/proc_open.c in PHP prior to 5.2.11 and 5.3.x prior to 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent malicious users to execute programs with an arbit...
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.1.0
Php Php 4.2.1
Php Php 4.4.7
Php Php 5.0
Php Php 4.3.9
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 1.0
Php Php 4
Php Php 3.0.2
Php Php 3.0.18
Php Php 4.0
Php Php 3.0.9
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.4
Php Php 4.3.11
Php Php 4.3.4
1 EDB exploit
755
VMScore
CVE-2008-3245
SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, 4.4.8, and 5.2.6 allows remote malicious users to execute arbitrary SQL commands via the viewCat parameter.
Cable-modems Phphoo3 5.2.6
Cable-modems Phphoo3 4.3.10
Cable-modems Phphoo3 4.3.9
Cable-modems Phphoo3 4.4.8
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »