Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 6.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-31374
An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows malicious users to execute arbitrary code via a crafted php file.
Contec Sv-cpt-mc310 Firmware 6.0
1 Github repository
9.8
CVSSv3
CVE-2020-25213
The File Manager (wp-file-manager) plugin prior to 6.9 for WordPress allows remote malicious users to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows malicious users to run th...
Webdesi9 File Manager
12 Github repositories
9.8
CVSSv3
CVE-2014-8089
SQL injection vulnerability in Zend Framework prior to 1.12.9, 2.2.x prior to 2.2.8, and 2.3.x prior to 2.3.3, when using the sqlsrv PHP extension, allows remote malicious users to execute arbitrary SQL commands via a null byte.
Zend Zend Framework
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 21
9.8
CVSSv3
CVE-2018-0301
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote malicious user to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input validation in the authen...
Cisco Nx-os
Cisco Nx-os 8.2
Cisco Nx-os 8.1
Cisco Nx-os 7.0\\(3\\)i7
Cisco Nx-os 6.0
Cisco Nx-os 7.0
Cisco Nx-os 7.1
Cisco Nx-os 7.2
Cisco Nx-os 6.2
Cisco Nx-os 5.2
8.8
CVSSv3
CVE-2023-33253
LabCollector 6.0 though 6.15 allows remote code execution. An authenticated remote low-privileged user can upload an executable PHP file and execute system commands. The vulnerability is in the message function, and is due to insufficient validation of the file (such as shell.jpg...
Agilebio Labcollector
1 Github repository
8.8
CVSSv3
CVE-2018-0330
A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote malicious user to execute commands with elevated privileges. The vulnerability is due to a failure to proper...
Cisco Nx-os 7.2
Cisco Nx-os 7.1
Cisco Nx-os 7.0
Cisco Nx-os 6.0
Cisco Nx-os
Cisco Nx-os 8.0
Cisco Nx-os 6.2
Cisco Nx-os 8.2
Cisco Nx-os 5.2
8.6
CVSSv3
CVE-2019-1599
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network s...
Cisco Nx-os
8.1
CVSSv3
CVE-2013-4751
php-symfony2-Validator has loss of information during serialization
Sensiolabs Symfony
Redhat Enterprise Linux 6.0
Fedoraproject Fedora 19
Fedoraproject Fedora 18
8.1
CVSSv3
CVE-2016-5385
PHP up to and including 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote malicious users to redirec...
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Communications User Data Repository 10.0.1
Oracle Linux 6
Oracle Linux 7
Oracle Communications User Data Repository 12.0.0
Oracle Communications User Data Repository 10.0.0
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Hp Storeever Msl6480 Tape Library Firmware
Hp System Management Homepage
Php Php
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Opensuse Leap 42.1
Drupal Drupal
1 Github repository
1 Article
8.1
CVSSv3
CVE-2016-3171
Drupal 6.x prior to 6.38, when used with PHP prior to 5.4.45, 5.5.x prior to 5.5.29, or 5.6.x prior to 5.6.13, might allow remote malicious users to execute arbitrary code via vectors related to session data truncation.
Drupal Drupal 6.37
Drupal Drupal 6.8
Drupal Drupal 6.36
Drupal Drupal 6.34
Drupal Drupal 6.28
Drupal Drupal 6.26
Drupal Drupal 6.2
Drupal Drupal 6.18
Drupal Drupal 6.13
Drupal Drupal 6.11
Drupal Drupal 6.0
Drupal Drupal 6.7
Drupal Drupal 6.6
Drupal Drupal 6.5
Drupal Drupal 6.4
Drupal Drupal 6.25
Drupal Drupal 6.24
Drupal Drupal 6.23
Drupal Drupal 6.22
Drupal Drupal 6.21
Drupal Drupal 6.1
Drupal Drupal 6.32
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »