Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-32050
Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an...
Mongodb C++
Mongodb Node.js
Mongodb Swift Driver
Mongodb Php Driver
Mongodb C Driver
NA
CVE-2023-40760
User enumeration is found in PHP Jabbers Hotel Booking System v4.0. This issue occurs during password recovery, where a difference in messages could allow an malicious user to determine if the user is valid or not, enabling a brute force attack with valid users.
Phpjabbers Hotel Booking System 4.0
NA
CVE-2023-31498
A privilege escalation issue was found in PHP Gurukul Hospital Management System In v.4.0 allows a remote malicious user to execute arbitrary code and access sensitive information via the session token parameter.
Phpgurukul Hospital Management System 4.0
NA
CVE-2022-44354
SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file.
Contec Solarview Compact Firmware 4.0
Contec Solarview Compact Firmware 5.0
NA
CVE-2022-42205
PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via add-patient.php.
Phpgurukul Hospital Management System 4.0
1 Github repository
NA
CVE-2022-42206
PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting (XSS) via doctor/view-patient.php, admin/view-patient.php, and view-medhistory.php.
Phpgurukul Hospital Management System 4.0
1 Github repository
5
CVSSv2
CVE-2022-26254
WoWonder The Ultimate PHP Social Network Platform v4.0.0 exists to contain an access control issue which allows unauthenticated malicious users to arbitrarily change group ID names.
Wowonder Wowonder 4.0
7.5
CVSSv2
CVE-2022-24651
sentcms 4.0.x allows remote malicious users to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload.
Sentcms Sentcms 4.0.0
7.5
CVSSv2
CVE-2022-24652
sentcms 4.0.x allows remote malicious users to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload.
Sentcms Sentcms 4.0.0
5
CVSSv2
CVE-2022-24226
Hospital Management System v4.0 exists to contain a blind SQL injection vulnerability via the register function in func2.php.
Phpgurukul Hospital Management System 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »