Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4 vulnerabilities and exploits
(subscribe to this query)
294
VMScore
CVE-2011-1072
The installer in PEAR prior to 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
Php Pear 0.9
Php Pear 1.3.4
Php Pear 1.2.1
Php Pear 1.3.3.1
Php Pear 1.4.2
Php Pear 1.0.1
Php Pear 1.0
Php Pear 1.2
Php Pear 1.5.0
Php Pear 1.3
Php Pear 0.90
Php Pear 1.5.1
Php Pear 1.4.0
Php Pear 1.4.1
Php Pear 1.3.5
Php Pear
Php Pear 1.3.6
Php Pear 1.3.3
Php Pear 1.3.1
Php Pear 0.2.2
Php Pear 0.10
Php Pear 1.6.1
760
VMScore
CVE-2011-1938
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 up to and including 5.3.6 might allow context-dependent malicious users to execute arbitrary code via a long pathname for a UNIX socket.
Php Php 5.3.6
Php Php 5.3.3
Php Php 5.3.4
Php Php 5.3.5
2 EDB exploits
685
VMScore
CVE-2010-2094
Multiple format string vulnerabilities in the phar extension in PHP 5.3 prior to 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the (1) p...
Php Php 5.3.1
Php Php 5.3.0
1 EDB exploit
578
VMScore
CVE-2006-3208
Direct static code injection vulnerability in Ultimate PHP Board (UPB) 1.9.6 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via multiple unspecified "configuration fields" in (1) admin_chatconfig.php, (2) admin_configcss.p...
Ultimate Php Board Ultimate Php Board 1.9.6
Ultimate Php Board Ultimate Php Board 1.8
Ultimate Php Board Ultimate Php Board 1.8.2
Ultimate Php Board Ultimate Php Board 1.9
445
VMScore
CVE-2005-2004
Multiple cross-site scripting vulnerabilities in Ultimate PHP Board (UPB) 1.9.6 GOLD and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) ref parameter to login.php, (2) id or (3) page parameter to viewtopic.php, id parameter to (4...
Ultimate Php Board Ultimate Php Board 1.9.6
Ultimate Php Board Ultimate Php Board 1.8
Ultimate Php Board Ultimate Php Board 1.8.2
Ultimate Php Board Ultimate Php Board 1.9
1000
VMScore
CVE-2004-1018
Multiple integer handling errors in PHP prior to 4.3.10 allow malicious users to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the p...
Php Php
Canonical Ubuntu Linux 4.10
2 EDB exploits
695
VMScore
CVE-2007-1286
Integer overflow in PHP 4.4.4 and previous versions allows remote context-dependent malicious users to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.
Php Php
3 EDB exploits
445
VMScore
CVE-2005-0433
Php-Nuke 7.5 allows remote malicious users to determine the full path of the web server via invalid or missing arguments to (1) db.php, (2) mainfile.php, (3) Downloads/index.php, or (4) Web_Links/index.php, which lists the path in a PHP error message.
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 6.5 Rc1
668
VMScore
CVE-2011-3379
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote malicious users to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.
Php Php 5.3.8
Php Php 5.3.7
435
VMScore
CVE-2003-0442
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP prior to 4.3.2 (session.use_trans_sid) allows remote malicious users to insert arbitrary script via the PHPSESSID parameter.
Php Php
Redhat Linux 8.0
Redhat Linux 9.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »