Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 3.0 vulnerabilities and exploits
(subscribe to this query)
771
VMScore
CVE-2012-2311
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote malicious users to execute arbitrary code b...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
2 Github repositories
765
VMScore
CVE-2008-2565
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
Php-address Book Php-address Book 2.0
Php-address Book Php-address Book 3.4.8
Php-address Book Php-address Book 2.2
Php-address Book Php-address Book 3.4.4
Php-address Book Php-address Book 2.4
Php-address Book Php-address Book 3.4.1
Php-address Book Php-address Book 3.1
Php-address Book Php-address Book 3.1.2
Php-address Book Php-address Book 1.2
Php-address Book Php-address Book 3.4.2
Php-address Book Php-address Book 3.3.17
Php-address Book Php-address Book
Php-address Book Php-address Book 3.4.7
Php-address Book Php-address Book 2.1
Php-address Book Php-address Book 3.1.5
Php-address Book Php-address Book 3.1.1
Php-address Book Php-address Book 3.1.3
Php-address Book Php-address Book 3.0
Php-address Book Php-address Book 3.3.16
Php-address Book Php-address Book 3.1.4
Php-address Book Php-address Book 3.3.18
Php-address Book Php-address Book 3.4.3
3 EDB exploits
765
VMScore
CVE-2002-0229
Safe Mode feature (safe_mode) in PHP 3.0 up to and including 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 3.0.8
Php Php 3.0.13
Php Php 3.0.7
Php Php 3.0.6
Php Php 3.0.16
Php Php 3.0.10
Php Php 3.0.4
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.1.2
Php Php 3.0.12
Php Php 4.0.3
Php Php 3.0.9
3 EDB exploits
760
VMScore
CVE-2005-0781
SQL injection vulnerability in (1) viewall.php and (2) category.php in paFileDB 3.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the start parameter to pafiledb.php.
Php Arena Pafiledb 3.0
Php Arena Pafiledb 2.1.1
Php Arena Pafiledb 3.1
Php Arena Pafiledb 3.0 Beta 3.1
Php Arena Pafiledb 1.1.3
2 EDB exploits
760
VMScore
CVE-2005-0511
misc.php for vBulletin 3.0.6 and previous versions, when "Add Template Name in HTML Comments" is enabled, allows remote malicious users to execute arbitrary PHP code via nested variables in the template parameter.
Jelsoft Vbulletin 2.2.0
Jelsoft Vbulletin 3.0.4
Jelsoft Vbulletin 3.0.0 Rc4
Jelsoft Vbulletin 2.3.0
Jelsoft Vbulletin 3.0.1
Jelsoft Vbulletin 2.2.9 Can
Jelsoft Vbulletin 3.0.0 Beta 2
Jelsoft Vbulletin 3.0.6
Jelsoft Vbulletin 2.2.1
Jelsoft Vbulletin 2.0.2
Jelsoft Vbulletin 2.0
Jelsoft Vbulletin 2.0.1
Jelsoft Vbulletin 2.2.7
Jelsoft Vbulletin 3.0.0 Can4
Jelsoft Vbulletin 2.0 Beta 2
Jelsoft Vbulletin 2.2.4
Jelsoft Vbulletin 3.0 Beta 2
Jelsoft Vbulletin 2.2.2
Jelsoft Vbulletin 2.2.5
Jelsoft Vbulletin 2.0 Beta 3
Jelsoft Vbulletin 3.0.0
Jelsoft Vbulletin 2.2.6
2 EDB exploits
755
VMScore
CVE-2011-4906
Tiny browser in TinyMCE 3.0 editor in Joomla! prior to 1.5.13 allows file upload and arbitrary PHP code execution.
Tiny Tinybrowser
1 EDB exploit
755
VMScore
CVE-2017-17098
The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) up to and including 3.0 allows remote malicious users to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_...
Gps-server Gps Tracking Software
1 EDB exploit
755
VMScore
CVE-2014-8684
CodeIgniter prior to 3.0 and Kohana 3.2.3 and previous versions and 3.3.x up to and including 3.3.2 make it easier for remote malicious users to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators t...
Kohanaframework Kohana 3.3.0
Kohanaframework Kohana 3.3.1
Kohanaframework Kohana 3.2.3
Codeigniter Codeigniter
1 EDB exploit
755
VMScore
CVE-2013-1453
plugins/system/highlight/highlight.php in Joomla! 3.0.x up to and including 3.0.2 and 2.5.x up to and including 2.5.8 allows malicious users to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and poss...
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.8
Joomla Joomla! 3.0.2
Joomla Joomla! 2.5.2
Joomla Joomla! 2.5.1
Joomla Joomla! 3.0.1
Joomla Joomla! 2.5.3
Joomla Joomla! 2.5.4
Joomla Joomla! 2.5.6
Joomla Joomla! 2.5.5
Joomla Joomla! 3.0.0
Joomla Joomla! 2.5.0
1 EDB exploit
755
VMScore
CVE-2012-6509
Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote malicious users to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg.
Netartmedia Car Portal 3.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »