Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 2.0 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-4170
Multiple PHP remote file inclusion vulnerabilities in AL-Athkar 2.0 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) include parameter to (a) Main.php and (b) get.php and the (2) exec parameter to (c) count.php.
Al-athkar Al-athkar 2.0
10
CVSSv2
CVE-2007-2985
Pheap 2.0 allows remote malicious users to bypass authentication by setting a pheap_login cookie value to the administrator's username, which can be used to (1) obtain sensitive information, including the administrator password, via settings.php or (2) upload and execute arb...
Pheap Pheap 2.0
1 EDB exploit
10
CVSSv2
CVE-2006-7182
PHP remote file inclusion vulnerability in noticias.php in MNews 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the inc parameter.
Mnews Mnews
10
CVSSv2
CVE-2007-1394
Direct static code injection vulnerability in startsession.php in Flat Chat 2.0 allows remote malicious users to execute arbitrary PHP code via the Chat Name field, which is inserted into online.txt and included by users.php. NOTE: some of these details are obtained from third pa...
Flat Chat Flat Chat 2.0
1 EDB exploit
10
CVSSv2
CVE-2006-7052
Multiple PHP remote file inclusion vulnerabilities in DotWidget For Articles (dotwidgeta) 0.2 allow remote malicious users to execute arbitrary code via a URL in the (1) file_path parameter to (a) index.php, (b) showcatpicks.php, and (c) showarticle.php; and the (2) admin_header_...
Keith Reichley Dotwidget For Articles 0.2
7 EDB exploits
10
CVSSv2
CVE-2004-0990
Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote malicious users to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in...
Gd Graphics Library Gdlib 1.8.4
Gd Graphics Library Gdlib 2.0.26
Gd Graphics Library Gdlib 2.0.27
Gd Graphics Library Gdlib 2.0.28
Gd Graphics Library Gdlib 2.0.1
Gd Graphics Library Gdlib 2.0.15
Openpkg Openpkg 2.1
Openpkg Openpkg 2.2
Gd Graphics Library Gdlib 2.0.20
Gd Graphics Library Gdlib 2.0.21
Openpkg Openpkg Current
Gd Graphics Library Gdlib 2.0.22
Gd Graphics Library Gdlib 2.0.23
Suse Suse Linux 8.1
Suse Suse Linux 8.2
Trustix Secure Linux 2.1
Trustix Secure Linux 2.2
Suse Suse Linux 9.0
Suse Suse Linux 9.1
Suse Suse Linux 9.2
Gentoo Linux
Suse Suse Linux 8.0
1 EDB exploit
10
CVSSv2
CVE-2004-0941
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and previous versions may allow remote malicious users to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabili...
Gd Graphics Library Gdlib 2.0.22
Gd Graphics Library Gdlib 2.0.23
Gd Graphics Library Gdlib 2.0.26
Gd Graphics Library Gdlib 1.8.4
Gd Graphics Library Gdlib 2.0.1
Gd Graphics Library Gdlib 2.0.33
Gd Graphics Library Gdlib 2.0.27
Gd Graphics Library Gdlib 2.0.28
Gd Graphics Library Gdlib 2.0.20
Gd Graphics Library Gdlib 2.0.21
Trustix Secure Linux 2.1
Trustix Secure Linux 2.2
Trustix Secure Linux 1.5
Trustix Secure Linux 2.0
10
CVSSv2
CVE-2004-1065
Buffer overflow in the exif_read_data function in PHP prior to 4.3.10 and PHP 5.x up to 5.0.2 allows remote malicious users to execute arbitrary code via a long section name in an image file.
Openpkg Openpkg 2.1
Php Php 3.0.12
Php Php 3.0.13
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.3.9
Php Php 5.0.0
Php Php 3.0.4
Php Php 3.0.5
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.2
10
CVSSv2
CVE-2004-1227
Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and previous versions allows remote malicious users to read arbitrary files and possibly execute arbitrary PHP code via .. (dot dot) sequences in the (1) module, (2) action, or (3) theme parameters to index.php, (4)...
Sugarcrm Sugar Sales
1 EDB exploit
10
CVSSv2
CVE-2004-1019
The deserialization code in PHP prior to 4.3.10 and PHP 5.x up to 5.0.2 allows remote malicious users to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative ref...
Openpkg Openpkg 2.2
Openpkg Openpkg Current
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 3.0.7
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.2
Php Php 4.0
Php Php 4.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »