Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 8.0.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-24813
Dompdf is an HTML to PDF converter written in php. Due to the difference in the attribute parser of Dompdf and php-svg-lib, an attacker can still call arbitrary URLs with arbitrary protocols. Dompdf parses the href attribute of `image` tags and respects `xlink:href` even if `href...
Dompdf Project Dompdf 2.0.2
1 Github repository
9.8
CVSSv3
CVE-2023-23924
Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing `<image>` tags with uppercase letters. This may lead to arbitrary object unserialize on PHP < 8, through the `phar` URL wrapper. An attacker can exploit the v...
Dompdf Project Dompdf 2.0.1
1 Github repository
8.8
CVSSv3
CVE-2017-14251
Unrestricted File Upload vulnerability in the fileDenyPattern in sysext/core/Classes/Core/SystemEnvironmentBuilder.php in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 allows remote authenticated users to upload files with a .pht extension and consequently execute arbitrary PHP code.
Typo3 Typo3 8.6.1
Typo3 Typo3 7.6.6
Typo3 Typo3 8.3.1
Typo3 Typo3 7.6.0
Typo3 Typo3 7.6.5
Typo3 Typo3 7.6.20
Typo3 Typo3 8.2.0
Typo3 Typo3 8.7.0
Typo3 Typo3 7.6.2
Typo3 Typo3 7.6.3
Typo3 Typo3 8.2.1
Typo3 Typo3 8.7.2
Typo3 Typo3 8.7.3
Typo3 Typo3 7.6.16
Typo3 Typo3 7.6.19
Typo3 Typo3 8.5.1
Typo3 Typo3 7.6.7
Typo3 Typo3 8.5.0
Typo3 Typo3 8.1.0
Typo3 Typo3 7.6.15
Typo3 Typo3 7.6.14
Typo3 Typo3 7.6.18
8.1
CVSSv3
CVE-2017-6381
A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normal installed. ...
Drupal Drupal 8.0.0
Drupal Drupal 8.2.0
Drupal Drupal 8.1.0
Drupal Drupal 8.1.2
Drupal Drupal 8.1.6
Drupal Drupal 8.1.8
Drupal Drupal 8.1.9
Drupal Drupal 8.1.5
Drupal Drupal 8.1.10
Drupal Drupal 8.0.4
Drupal Drupal 8.0.5
Drupal Drupal 8.1.3
Drupal Drupal 8.0.2
Drupal Drupal 8.0.3
Drupal Drupal 8.1.7
Drupal Drupal 8.2.1
Drupal Drupal 8.0.1
Drupal Drupal 8.1.1
Drupal Drupal 8.1.4
Drupal Drupal 8.0.6
5.5
CVSSv3
CVE-2022-4900
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
Php Php -
Php Php 8.1.0
Php Php 8.0.0
Php Php 7.4.0
5.3
CVSSv3
CVE-2020-7071
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL...
Php Php
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Clustered Data Ontap -
NA
CVE-2015-4717
The filename sanitization component in ownCloud Server prior to 6.0.8, 7.0.x prior to 7.0.6, and 8.0.x prior to 8.0.4 does not properly handle $_GET parameters cast by PHP to an array, which allows remote malicious users to cause a denial of service (infinite loop and log file co...
Owncloud Owncloud 7.0.4
Owncloud Owncloud 7.0.1
Owncloud Owncloud 7.0.2
Owncloud Owncloud 8.0.3
Owncloud Owncloud
Owncloud Owncloud 7.0.3
Owncloud Owncloud 7.0.5
Owncloud Owncloud 7.0.0
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.0.0
NA
CVE-2007-1449
Directory traversal vulnerability in mainfile.php in PHP-Nuke 8.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the lang parameter.
Phpnuke Php-nuke 7.3
Phpnuke Php-nuke 7.4
Phpnuke Php-nuke 7.1
Phpnuke Php-nuke 7.9
Phpnuke Php-nuke 8.0
Phpnuke Php-nuke 8.0.0
Phpnuke Php-nuke 7.5
Phpnuke Php-nuke 7.2
Phpnuke Php-nuke 7.7
Phpnuke Php-nuke 7.8
Phpnuke Php-nuke 7.0
Phpnuke Php-nuke 7.6
NA
CVE-2007-1450
SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and previous versions allows remote malicious users to execute arbitrary SQL commands in the Top or News module via the lang parameter.
Phpnuke Php-nuke 7.3
Phpnuke Php-nuke 7.4
Phpnuke Php-nuke 7.1
Phpnuke Php-nuke 7.9
Phpnuke Php-nuke 8.0.0
Phpnuke Php-nuke 7.5
Phpnuke Php-nuke 7.2
Phpnuke Php-nuke 7.7
Phpnuke Php-nuke 7.8
Phpnuke Php-nuke 7.0
Phpnuke Php-nuke 7.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started