Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4 vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2017-8051
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands.
Tenable Appliance 3.10.0
Tenable Appliance 4.0.0
Tenable Appliance 4.4.0
Tenable Appliance 3.5.0
Tenable Appliance 4.1.0
Tenable Appliance 4.2.0
Tenable Appliance 4.3.0
Tenable Appliance 4.3.1
Tenable Appliance 3.5.1
Tenable Appliance 3.10.1
Tenable Appliance 3.4.0
1 EDB exploit
1000
VMScore
CVE-2016-1555
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 prior to 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 prior to 3.5.5.0 allow remote malicious users to execute arbitrary comm...
Netgear Wnap320 Firmware
Netgear Wndap350 Firmware
Netgear Wndap360 Firmware
Netgear Wndap210v2 Firmware
Netgear Wn604 Firmware
Netgear Wndap660 Firmware
Netgear Wn802tv2 Firmware
2 Metasploit modules
3 Github repositories
1000
VMScore
CVE-2008-5060
Multiple PHP remote file inclusion vulnerabilities in ModernBill 4.4 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the DIR parameter to (1) export_batch.inc.php, (2) run_auto_suspend.cron.php, and (3) send_email_cache.php in include...
Modernbill Modernbill 2.01
Modernbill Modernbill 2.02s
Modernbill Modernbill 4.1.1
Modernbill Modernbill 4.1.2
Modernbill Modernbill 4.1.3
Modernbill Modernbill 4.0.2
Modernbill Modernbill 3.1.3
Modernbill Modernbill
Modernbill Modernbill 3.0
Modernbill Modernbill 3.1.0
Modernbill Modernbill 4.2.1
Modernbill Modernbill 4.3.0
Modernbill Modernbill 4.0.1
Modernbill Modernbill 4.3.2
1 EDB exploit
1000
VMScore
CVE-2008-4502
Multiple PHP remote file inclusion vulnerabilities in DataFeedFile (DFF) PHP Framework API allow remote malicious users to execute arbitrary PHP code via a URL in the DFF_config[dir_include] parameter to (1) DFF_affiliate_client_API.php, (2) DFF_featured_prdt.func.php, (3) DFF_me...
Datafeedfile Dff Framework Api
1 EDB exploit
1000
VMScore
CVE-2007-1721
Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0.6PR7 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the root_path parameter to (1) Richtxt_functions.inc.php, (2) adddocfile.php, (3) auth_check.php, (4) browse_current_...
Realink C-arbre
1 EDB exploit
1000
VMScore
CVE-2007-1383
Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent malicious users to execute arbitrary code by overflowing this counter, which causes the same variable to be destroyed twice, a related issue to CVE-2007-1286.
Php Php 4.0
1 EDB exploit
1000
VMScore
CVE-2006-4812
Integer overflow in PHP 5 up to 5.1.6 and 4 prior to 4.3.0 allows remote malicious users to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function ...
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.1
Php Php 4.1.2
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.1
Php Php 5.1.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.2
Php Php 4.2.3
Php Php 5.1.5
Php Php 5.1.6
1 EDB exploit
1000
VMScore
CVE-2006-1770
Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) AzDGVote allow remote malicious users to execute arbitrary PHP code via a URL in the int_path parameter in (1) vote.php, (2) view.php, (3) admin.php, and (4) admin/index.php.
Azerbaijan Development Group Azdgvote 1.0
1 EDB exploit
1000
VMScore
CVE-2004-1018
Multiple integer handling errors in PHP prior to 4.3.10 allow malicious users to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the p...
Php Php
Canonical Ubuntu Linux 4.10
2 EDB exploits
1000
VMScore
CVE-2004-1227
Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and previous versions allows remote malicious users to read arbitrary files and possibly execute arbitrary PHP code via .. (dot dot) sequences in the (1) module, (2) action, or (3) theme parameters to index.php, (4)...
Sugarcrm Sugar Sales
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »