Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-1286
Integer overflow in PHP 4.4.4 and previous versions allows remote context-dependent malicious users to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.
Php Php
3 EDB exploits
10
CVSSv2
CVE-2004-1018
Multiple integer handling errors in PHP prior to 4.3.10 allow malicious users to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the p...
Php Php
Canonical Ubuntu Linux 4.10
2 EDB exploits
7.5
CVSSv2
CVE-2011-3379
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote malicious users to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.
Php Php 5.3.7
Php Php 5.3.8
5
CVSSv2
CVE-2005-0433
Php-Nuke 7.5 allows remote malicious users to determine the full path of the web server via invalid or missing arguments to (1) db.php, (2) mainfile.php, (3) Downloads/index.php, or (4) Web_Links/index.php, which lists the path in a PHP error message.
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.3
4.3
CVSSv2
CVE-2004-2020
Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x up to and including 7.3 allow remote malicious users to inject arbitrary HTML or web script into the (1) optionbox parameter in the News module, (2) date parameter in the Statistics module, (3) year, month, and m...
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.7
4.3
CVSSv2
CVE-2003-0442
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP prior to 4.3.2 (session.use_trans_sid) allows remote malicious users to insert arbitrary script via the PHPSESSID parameter.
Php Php
Redhat Linux 8.0
Redhat Linux 9.0
1 EDB exploit
4.6
CVSSv2
CVE-2002-1821
Ultimate PHP Board (UPB) 1.0 and 1.0b allows remote authenticated users to gain privileges and perform unauthorized actions via direct requests to (1) admin_members.php, (2) admin_config.php, (3) admin_cat.php, or (4) admin_forum.php.
Ultimate Php Board Ultimate Php Board 1.0 Beta
Ultimate Php Board Ultimate Php Board 1.0
4.3
CVSSv2
CVE-2004-2293
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.0 to 7.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) eid parameter or (2) query parameter to the Encyclopedia module, (3) preview_review function in the Reviews module as demonst...
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.1
1 EDB exploit
4.3
CVSSv2
CVE-2004-1840
Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis module 2.0 for PHP-Nuke allows remote malicious users to inject arbitrary web script or HTML via the (1) screen parameter to modules.php, (2) module_name parameter to title.php, (3) sortby parameter to modules.php...
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
7.5
CVSSv2
CVE-2007-3997
The (1) MySQL and (2) MySQLi extensions in PHP 4 prior to 4.4.8, and PHP 5 prior to 5.2.4, allow remote malicious users to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
Php Php
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »