Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.2.2 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2005-0524
The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote malicious users to cause a denial of service (infinite loop) via a -8 size value.
Php Php 4.2.2
Php Php 4.3.10
Php Php 4.3.9
Php Php 5.0.3
445
VMScore
CVE-2005-0525
The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote malicious users to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length ...
Php Php 4.3.9
Php Php 5.0.3
Php Php 4.2.2
Php Php 4.3.10
668
VMScore
CVE-2002-1396
Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and prior to 4.3.0 may allow malicious users to cause a denial of service or execute arbitrary code.
Php Php 4.1.2
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.2.0
Php Php 4.2.1
445
VMScore
CVE-2003-1302
The IMAP functionality in PHP prior to 4.3.1 allows remote malicious users to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters.
Php Php 4.2
Php Php 4.3.0
Php Php 4.2.0
Php Php 4.2.2
Php Php 4.2.1
Php Php 4.2.3
445
VMScore
CVE-2002-0986
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote malicious users to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Php Php 4.0.3
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.1.2
Php Php 3.0.18
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.2
Php Php 4.0.7
Php Php 4.1.0
445
VMScore
CVE-2002-1783
CRLF injection vulnerability in PHP 4.2.1 up to and including 4.2.3, when allow_url_fopen is enabled, allows remote malicious users to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file fu...
Php Php 3.0.14
Php Php 3.0.15
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.2.3
Php Php 3.0.18
Php Php 4.0.3
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.2.1
Php Php 4.2.2
Php Php 3.0.16
Php Php 3.0.17
Php Php 4.1.0
Php Php 4.1.1
765
VMScore
CVE-2003-0166
Integer signedness error in emalloc() function for PHP prior to 4.3.2 allow remote malicious users to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly ...
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.1.2
3 EDB exploits
890
VMScore
CVE-2003-0860
Buffer overflows in PHP prior to 4.3.3 have unknown impact and unknown attack vectors.
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.3
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.0
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.2.2
Php Php 4.2
890
VMScore
CVE-2003-0861
Integer overflows in (1) base64_encode and (2) the GD library for PHP prior to 4.3.3 have unknown impact and unknown attack vectors.
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.7
Php Php 4.2.0
Php Php 4.2.2
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.2.1
Php Php 4.2.3
231
VMScore
CVE-2007-2727
The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP prior to 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-depen...
Php Php 4.3.9
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 4.3.6
Php Php 4.0.7
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.2.2
Php Php 4.0.3
Php Php 4.3.7
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.0.1
Php Php 4.3.3
Php Php 4.1.1
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »