Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 2.0b10 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-1999-0058
Buffer overflow in PHP cgi program, php.cgi allows shell access.
Php Php 1.0
Php Php 2.0b10
755
VMScore
CVE-1999-0068
CGI PHP mylog script allows an malicious user to read any file on the target server.
Php Php 2.0
Php Php 2.0b10
Php Php 1.0
1 EDB exploit
1000
VMScore
CVE-1999-0238
php.cgi allows malicious users to read any file on the system.
Php Php 2.0
Php Php 2.0b10
Php Php 1.0
1 EDB exploit
445
VMScore
CVE-2000-0860
The file upload capability in PHP versions 3 and 4 allows remote malicious users to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.5
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.7
Php Php 3.0.8
Php Php 3.0.9
Php Php 1.0
Php Php 2.0
Php Php 3.0.13
Php Php 3.0.2
Php Php 4.0
Php Php 3.0.6
Php Php 2.0b10
Php Php 3.0
Php Php 3.0.3
Php Php 3.0.4
605
VMScore
CVE-2009-3558
The posix_mkfifo function in ext/posix/posix.c in PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 allows context-dependent malicious users to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
Php Php 2.0
Php Php 2.0b10
Php Php 3.0.15
Php Php 3.0.16
Php Php 3.0.6
Php Php 3.0.7
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.7
Php Php 5.2.5
Php Php 5.2.6
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.2
Php Php 3.0.3
Php Php 4.0.0
Php Php 4.0.7
445
VMScore
CVE-2007-1460
The zip:// URL wrapper provided by the PECL zip extension in PHP prior to 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote malicious users to read ZIP archives located outside of the intended directories.
Php Php 3.0
Php Php 3.0.2
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.3
Php Php 4.0.5
Php Php 4.0.4
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.0.7
Php Php 4.4.5
Php Php 5.2.1
Php Php 3.0.13
Php Php 3.0.1
Php Php 3.0.14
Php Php 3.0.16
Php Php 3.0.6
Php Php 4.0.0
445
VMScore
CVE-2009-3557
The tempnam function in ext/standard/file.c in PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 allows context-dependent malicious users to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.2
Php Php 3.0.3
Php Php 4.0
Php Php 4.0.0
Php Php 4.2.0
Php Php 4.3.1
Php Php 5.0.0
Php Php 5.0.3
Php Php 4.4.9
Php Php 5.2.10
Php Php 2.0
Php Php 2.0b10
Php Php 3.0
Php Php 3.0.15
Php Php 1.0
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.4
Php Php 3.0.5
Php Php 4.0.1
465
VMScore
CVE-2006-3011
The error_log function in basic_functions.c in PHP prior to 4.4.4 and 5.x prior to 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.
Php Php 1.0
Php Php 2.0b10
Php Php 3.0
Php Php 3.0.2
Php Php 3.0.10
Php Php 3.0.13
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.14
Php Php 3.0.8
Php Php 3.0.5
Php Php 4.0.6
Php Php 4.0.5
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 2.0
Php Php 3.0.11
Php Php 3.0.18
1 EDB exploit
383
VMScore
CVE-2011-0753
Race condition in the PCNTL extension in PHP prior to 5.3.4, when a user-defined signal handler exists, might allow context-dependent malicious users to cause a denial of service (memory corruption) via a large number of concurrent signals.
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.8
Php Php 4.4.9
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 5.3.0
Php Php 5.3.1
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
392
VMScore
CVE-2011-0754
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP prior to 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat struc...
Php Php 3.0.14
Php Php 3.0.3
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.0
Php Php 4.3.0
Php Php 4.3.4
Php Php 4.3.6
Php Php 4.4.6
Php Php 4.4.7
Php Php 3.0.13
Php Php 3.0.15
Php Php 4.4.4
Php Php 4.3.3
Php Php 1.0
Php Php 2.0
Php Php 3.0.7
Php Php 4.0.2
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.2.0
Php Php 4.3.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »