Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.1.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1643
The SOAP parser in PHP prior to 5.3.23 and 5.4.x prior to 5.4.13 allows remote malicious users to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the ...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
NA
CVE-2012-1911
Multiple SQL injection vulnerabilities in PHP Address Book 6.2.12 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) to_group parameter to group.php or (2) id parameter to vcard.php. NOTE: the edit.php vector is already covered by CVE...
Chatelao Php Address Book 6.2.9
Chatelao Php Address Book 6.2.7
Chatelao Php Address Book 6.2
Chatelao Php Address Book 6.1.4
Chatelao Php Address Book 5.7.3
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.4.4
Chatelao Php Address Book 5.4.3
Chatelao Php Address Book 5.0
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 3.2.6
Chatelao Php Address Book 3.2.13
Chatelao Php Address Book 3.1.5
Chatelao Php Address Book 3.2.5
Chatelao Php Address Book 3.3.8
Chatelao Php Address Book 3.3
Chatelao Php Address Book 3.2.14
Chatelao Php Address Book 3.4.7
Chatelao Php Address Book 3.4.8
Chatelao Php Address Book 3.4.3
1 EDB exploit
NA
CVE-2012-1912
Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the from parameter. NOTE: the index.php vector is already covered by CVE-2008-2566.
Chatelao Php Address Book 6.1
Chatelao Php Address Book 6.2
Chatelao Php Address Book 6.2.7
Chatelao Php Address Book 6.2.9
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.4.4
Chatelao Php Address Book 5.4.3
Chatelao Php Address Book 5.5
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 5.4.1
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 3.2.6
Chatelao Php Address Book 3.1.5
Chatelao Php Address Book 3.1.6
Chatelao Php Address Book 3.3.8
Chatelao Php Address Book 3.3.7
Chatelao Php Address Book 3.3
Chatelao Php Address Book 3.2.14
Chatelao Php Address Book 3.4.8
Chatelao Php Address Book 3.4.5
Chatelao Php Address Book 3.4.4
1 EDB exploit
NA
CVE-2011-5161
Unrestricted file upload vulnerability in the patient photograph functionality in OpenEMR 4 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the pat...
Open-emr Openemr 4.0.0
Open-emr Openemr 4.1.1
Open-emr Openemr 4.1.0
1 EDB exploit
NA
CVE-2012-3365
The SQLite functionality in PHP prior to 5.3.15 allows remote malicious users to bypass the open_basedir protection mechanism via unspecified vectors.
Php Php 5.3.11
Php Php 5.3.4
Php Php 5.3.13
Php Php 5.3.2
Php Php 5.2.13
Php Php 5.2.5
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.1.6
Php Php 5.1.4
Php Php 5.0.0
Php Php 4.3.10
Php Php 4.3.1
Php Php 4.4.8
Php Php 4.2.0
Php Php 4.3.0
Php Php 4.3.7
Php Php 4.4.4
Php Php 4.0
Php Php 4.0.5
Php Php 4.0.4
Php Php 3.0.11
NA
CVE-2012-2688
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP prior to 5.3.15 and 5.4.x prior to 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
Php Php
Php Php 5.3.1
Php Php 5.3.7
Php Php 5.3.12
Php Php 5.3.8
Php Php 5.3.11
Php Php 5.3.4
Php Php 5.3.3
Php Php 5.3.0
Php Php 5.3.2
Php Php 5.3.10
Php Php 5.2.15
Php Php 5.2.11
Php Php 5.2.7
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.5
Php Php 5.0.5
Php Php 5.0.2
Php Php 5.0.1
Php Php 4.3.2
Php Php 4.3.11
NA
CVE-2012-2143
The crypt_des (aka DES-based crypt) function in FreeBSD prior to 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent malicious user...
Postgresql Postgresql
Freebsd Freebsd 5.2.1
Freebsd Freebsd 7.4
Freebsd Freebsd 6.1
Freebsd Freebsd 3.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
Freebsd Freebsd 2.2.5
Freebsd Freebsd 5.5
Freebsd Freebsd 8.2
Freebsd Freebsd 5.4
Freebsd Freebsd 5.3
Freebsd Freebsd 2.2.2
Freebsd Freebsd 2.1.7
Freebsd Freebsd 4.11
Freebsd Freebsd 2.0.5
Freebsd Freebsd 8.0
Freebsd Freebsd 1.1.5.1
Freebsd Freebsd 4.5
Freebsd Freebsd 4.7
Freebsd Freebsd 7.0
Freebsd Freebsd
NA
CVE-2012-2903
Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 7.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) PATH_INFO to group.php, or the (2) target_language or (3) target_flag parameter to translate.php.
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.5
Chatelao Php Address Book 5.4.9
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 5.4.1
Chatelao Php Address Book 4.1.3
Chatelao Php Address Book 4.1.1
Chatelao Php Address Book 3.4.4
Chatelao Php Address Book 3.4.3
Chatelao Php Address Book 3.3.15
Chatelao Php Address Book 3.3.14
Chatelao Php Address Book 3.3.5
Chatelao Php Address Book 5.7.4
Chatelao Php Address Book 5.7.3
Chatelao Php Address Book 3.4.9
Chatelao Php Address Book 5.4.7
Chatelao Php Address Book 5.4
Chatelao Php Address Book 5.3
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 4.0
Chatelao Php Address Book 3.4.2
1 EDB exploit
NA
CVE-2012-2376
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and previous versions on Windows allows remote malicious users to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.
Php Php 5.4.2
Php Php 5.4.1
Php Php 5.3.2
Php Php 5.2.8
Php Php 5.2.6
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.3.6
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.3.3
Php Php 5.2.7
Php Php 5.2.14
Php Php 4.3.10
Php Php 4.2.1
Php Php 4.2.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.9
Php Php 4.3.0
Php Php 4.0.6
1 EDB exploit
NA
CVE-2012-2311
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote malicious users to execute arbitrary code b...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »