Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.0 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2004-1020
The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote malicious users to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected b...
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 4.3.6
Php Php 4.3.9
Php Php 5.0.0
1 EDB exploit
445
VMScore
CVE-2006-0207
Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote malicious users to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function.
Php Php 5.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.0.5
505
VMScore
CVE-2005-2075
PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information via a direct request to the filename in the administration/db_backups dire...
Php Fusion Php Fusion 5.0
Php Fusion Php Fusion 6.0
1 EDB exploit
668
VMScore
CVE-2006-5465
Buffer overflow in PHP prior to 5.2.0 allows remote malicious users to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.
Php Php 5.0.0
Php Php 5.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.0.5
Php Php 5.1.4
Php Php 5.1.5
Php Php
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.2
Php Php 5.1.3
641
VMScore
CVE-2006-5706
Unspecified vulnerabilities in PHP, probably prior to 5.2.0, allow local users to bypass open_basedir restrictions and perform unspecified actions via unspecified vectors involving the (1) chdir and (2) tempnam functions. NOTE: the tempnam vector might overlap CVE-2006-1494.
Php Php 5.0.1
Php Php 5.0
Php Php
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.0.0
Php Php 5.1.0
505
VMScore
CVE-2007-1452
The FDF support (ext/fdf) in PHP 5.2.0 and previous versions does not implement the input filtering hooks for ext/filter, which allows remote malicious users to bypass web site filters via an application/vnd.fdf formatted POST.
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.1
Php Php 5.1.6
1 EDB exploit
383
VMScore
CVE-2005-0692
Cross-site scripting (XSS) vulnerability in fusion_core.php for PHP-Fusion 5.x allows remote malicious users to inject arbitrary web script or HTML via a message with IMG bbcode containing character-encoded Javascript.
Php Fusion Php Fusion 5.0
445
VMScore
CVE-2005-2401
PHP-Fusion allows remote malicious users to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag.
Php Fusion Php Fusion 6.0.105
Php Fusion Php Fusion 6.0.106
Php Fusion Php Fusion 4.00
Php Fusion Php Fusion 5.0
Php Fusion Php Fusion 4.01
Php Fusion Php Fusion 5.01 Service Pack
435
VMScore
CVE-2005-2783
Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and previous versions allows remote malicious users to inject arbitrary web script or HTML via nested, malformed URL BBCode tags.
Php Fusion Php Fusion 6.0.105
Php Fusion Php Fusion 6.0.106
Php Fusion Php Fusion 6.0.107
Php Fusion Php Fusion 4.00
Php Fusion Php Fusion 4.01
Php Fusion Php Fusion 5.0
Php Fusion Php Fusion 5.01 Service Pack
1 EDB exploit
325
VMScore
CVE-2006-1014
Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent malicious users to read and create arbitrary files by pr...
Php Php 4.2
Php Php 4.3.11
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 4.0.0
Php Php 4.3.6
Php Php 4.3.7
Php Php 5.0.4
Php Php 5.0.5
Php Php 4.3.4
Php Php 4.3.5
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »