Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-10708
S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter.
S-cms S-cms 1.0
1 Github repository
9.8
CVSSv3
CVE-2018-5749
install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List prior to 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote malicious users to execute arbitrary PHP code via the ...
Premium Minecraft Servers List Project Premium Minecraft Servers List
Minecraft Servers List Lite Project Minecraft Servers List Lite
9.8
CVSSv3
CVE-2017-9225
An issue exists in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby up to and including 2.4.1 and mbstring in PHP up to and including 7.1.5. A stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str() occurs during regular expression compilation. Code point 0xFFF...
Oniguruma Project Oniguruma 6.2.0
Ruby-lang Ruby
Php Php
9.8
CVSSv3
CVE-2017-8051
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands.
Tenable Appliance 4.3.0
Tenable Appliance 3.4.0
Tenable Appliance 4.3.1
Tenable Appliance 4.0.0
Tenable Appliance 3.5.0
Tenable Appliance 4.4.0
Tenable Appliance 3.10.1
Tenable Appliance 4.2.0
Tenable Appliance 3.5.1
Tenable Appliance 4.1.0
Tenable Appliance 3.10.0
1 EDB exploit
9.8
CVSSv3
CVE-2016-1555
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 prior to 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 prior to 3.5.5.0 allow remote malicious users to execute arbitrary comm...
Netgear Wnap320 Firmware
Netgear Wndap350 Firmware
Netgear Wndap360 Firmware
Netgear Wndap210v2 Firmware
Netgear Wn604 Firmware
Netgear Wndap660 Firmware
Netgear Wn802tv2 Firmware
2 Metasploit modules
3 Github repositories
9.8
CVSSv3
CVE-2012-0911
TikiWiki CMS/Groupware prior to 6.7 LTS and prior to 8.4 allows remote malicious users to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) printpages or (3) printstructures parameter to (a) tiki-print_multi_pages.p...
Tiki Tikiwiki Cms/groupware
2 EDB exploits
9.8
CVSSv3
CVE-2008-2108
The GENERATE_SEED macro in PHP 4.x prior to 4.4.8 and 5.x prior to 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force ...
Php Php
Fedoraproject Fedora 9
Fedoraproject Fedora 8
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
9.1
CVSSv3
CVE-2020-7061
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.
Php Php
Tenable Tenable.sc
9.1
CVSSv3
CVE-2020-7059
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or cr...
Php Php
Tenable Tenable.sc
Oracle Communications Diameter Signaling Router
Opensuse Leap 15.1
Debian Debian Linux 8.0
9.1
CVSSv3
CVE-2020-7060
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to ...
Php Php
Tenable Tenable.sc
Oracle Communications Diameter Signaling Router
Opensuse Leap 15.1
Debian Debian Linux 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
remote code execution
CVE-2024-37080
CVE-2024-5182
CVE-2024-4390
CVE-2024-6100
brute force
CVE-2021-47581
file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »