Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.2 vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2006-1017
The c-client library 2000, 2001, or 2004 for PHP prior to 4.4.4 and 5.x prior to 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote ma...
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.18
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.3
Php Php 5.1.4
Php Php 3.0.13
Php Php 3.0.14
790
VMScore
CVE-2005-3391
Multiple vulnerabilities in PHP prior to 4.4.1 allow remote malicious users to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.18
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.3.9
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.2
Php Php 3.0.3
Php Php 4.0.0
790
VMScore
CVE-2005-3392
Unspecified vulnerability in PHP prior to 4.4.1, when using the virtual function on Apache 2, allows remote malicious users to bypass safe_mode and open_basedir directives.
Php Php 3.0.12
Php Php 3.0.13
Php Php 3.0.3
Php Php 3.0.4
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.2
Php Php 3.0.9
Php Php 4.0.0
Php Php 4.0.1
785
VMScore
CVE-2007-1718
CRLF injection vulnerability in the mail function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows remote malicious users to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.3
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.3
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
1 EDB exploit
785
VMScore
CVE-2002-2309
php.exe in PHP 3.0 up to and including 4.2.2, when running on Apache, does not terminate properly, which allows remote malicious users to cause a denial of service via a direct request without arguments.
Php Php 3.0.1
Php Php 3.0.11
Php Php 3.0.16
Php Php 3.0.18
Php Php 3.0.8
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.6
Php Php 4.1.0
Php Php 4.1.2
Php Php 4.2.1
Php Php 3.0.12
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.15
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.2.2
Php Php 3.0.3
Php Php 3.0.4
Php Php 3.0.5
1 EDB exploit
760
VMScore
CVE-2007-1376
The shmop functions in PHP prior to 4.4.5, and prior to 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent malicious users to read and write arbitrary memory locations via arguments associated with an inappro...
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.4
Php Php 4.4.5
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.6
Php Php 5.2.0
Php Php 4.2.2
Php Php 4.2.3
2 EDB exploits
755
VMScore
CVE-2019-5434
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploi...
Revive-sas Revive Adserver
1 EDB exploit
755
VMScore
CVE-2015-5074
Incomplete blacklist vulnerability in the FileUploadsFilter class in protected/components/filters/FileUploadsFilter.php in X2Engine X2CRM prior to 5.0.9 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a .pht extension.
X2engine X2crm
1 EDB exploit
755
VMScore
CVE-2009-4018
The proc_open function in ext/standard/proc_open.c in PHP prior to 5.2.11 and 5.3.x prior to 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent malicious users to execute programs with an arbit...
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.1.0
Php Php 4.2.1
Php Php 4.4.7
Php Php 5.0
Php Php 4.3.9
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 1.0
Php Php 4
Php Php 3.0.2
Php Php 3.0.18
Php Php 4.0
Php Php 3.0.9
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.4
Php Php 4.3.11
Php Php 4.3.4
1 EDB exploit
755
VMScore
CVE-2007-1890
Integer overflow in the msg_receive function in PHP 4 prior to 4.4.5 and PHP 5 prior to 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent malicious users to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff.
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »