Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 3.0.4 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-2403
Symfony prior to 2.8.6 and 3.x prior to 3.0.6 allows remote malicious users to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.
Sensiolabs Symfony 2.8.1
Sensiolabs Symfony 2.8.2
Sensiolabs Symfony 2.8.3
Sensiolabs Symfony 3.0.4
Sensiolabs Symfony 3.0.5
Sensiolabs Symfony 2.8.4
Sensiolabs Symfony 2.8.5
Sensiolabs Symfony 3.0.0
Sensiolabs Symfony 3.0.1
Sensiolabs Symfony 2.8.0
Sensiolabs Symfony 3.0.2
Sensiolabs Symfony 3.0.3
7.5
CVSSv2
CVE-2016-3154
The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x prior to 2.1.19, 3.0.x prior to 3.0.22, and 3.1.x prior to 3.1.1 allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object.
Spip Spip 3.0.1
Spip Spip 3.0.0
Spip Spip 3.0.9
Spip Spip 3.0.8
Spip Spip 2.1.7
Spip Spip 2.1.6
Spip Spip 2.1.5
Spip Spip 2.1.4
Spip Spip 2.0.9
Spip Spip 2.0.8
Spip Spip 2.0.7
Spip Spip 2.0.6
Spip Spip 2.0.14
Spip Spip 2.0.13
Spip Spip 2.0.12
Spip Spip 2.0.11
Spip Spip 3.1.0
Spip Spip 3.0.14
Spip Spip 3.0.15
Spip Spip 3.0.16
Spip Spip 3.0.17
Spip Spip 2.1.17
7.5
CVSSv2
CVE-2016-3153
SPIP 2.x prior to 2.1.19, 3.0.x prior to 3.0.22, and 3.1.x prior to 3.1.1 allows remote malicious users to execute arbitrary PHP code by adding content, related to the filtrer_entites function.
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Spip Spip 3.0.0
Spip Spip 3.0.9
Spip Spip 3.0.8
Spip Spip 3.0.7
Spip Spip 2.1.6
Spip Spip 2.1.5
Spip Spip 2.1.4
Spip Spip 2.1.3
Spip Spip 2.0.8
Spip Spip 3.1.0
Spip Spip 3.0.20
Spip Spip 3.0.2
Spip Spip 3.0.14
Spip Spip 3.0.15
Spip Spip 3.0.16
Spip Spip 3.0.17
Spip Spip 2.1.15
Spip Spip 2.1.14
Spip Spip 2.1.13
Spip Spip 2.1.12
7.5
CVSSv2
CVE-2014-8350
Smarty prior to 3.1.21 allows remote malicious users to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "{literal}<{/literal}script language=php>" in a template.
Smarty Smarty 3.1.16
Smarty Smarty 3.1.15
Smarty Smarty 3.1.6
Smarty Smarty 3.1.5
Smarty Smarty 3.1.19
Smarty Smarty 3.1.18
Smarty Smarty 3.1.17
Smarty Smarty 3.1.8
Smarty Smarty 3.1.7
Smarty Smarty 3.1.10
Smarty Smarty 3.1.1
Smarty Smarty 3.0.2
Smarty Smarty 3.0.1
Smarty Smarty 3.0.0
Smarty Smarty 2.6.4
Smarty Smarty 2.6.3
Smarty Smarty 2.6.17
Smarty Smarty 2.6.16
Smarty Smarty 2.6.1
Smarty Smarty 2.6.0
Smarty Smarty 2.4.2
Smarty Smarty 2.4.1
7.5
CVSSv2
CVE-2013-4557
The Security Screen (_core_/securite/ecran_securite.php) prior to 1.1.8 for SPIP, as used in SPIP 3.0.x prior to 3.0.12, allows remote malicious users to execute arbitrary PHP via the connect parameter.
Spip Spip 3.0.0
Spip Spip 3.0.1
Spip Spip 3.0.8
Spip Spip 3.0.9
Spip Spip 3.0.4
Spip Spip 3.0.5
Spip Spip 3.0.2
Spip Spip 3.0.3
Spip Spip 3.0.10
Spip Spip 3.0.11
Spip Spip 3.0.6
Spip Spip 3.0.7
7.5
CVSSv2
CVE-2013-1635
ext/soap/soap.c in PHP prior to 5.3.22 and 5.4.x prior to 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote malicious users to bypass intended access restrictions by triggering the creation of c...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
7.5
CVSSv2
CVE-2012-4343
Multiple unspecified vulnerabilities in Gallery 3 prior to 3.0.4 allow malicious users to execute arbitrary PHP code via unknown vectors.
Menalto Gallery 3.0.2
Menalto Gallery 3.0
Menalto Gallery 3.0.1
Menalto Gallery
7.5
CVSSv2
CVE-2012-2965
Caucho Quercus, as distributed in Resin prior to 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue.
Caucho Resin 4.0.6
Caucho Resin 4.0.12
Caucho Resin 4.0.2
Caucho Resin 4.0.21
Caucho Resin 4.0.13
Caucho Resin 4.0.15
Caucho Resin 4.0.20
Caucho Resin 3.1.12
Caucho Resin 3.1.10
Caucho Resin 3.1.8
Caucho Resin 3.0.13
Caucho Resin 3.0.11
Caucho Resin 3.0.20
Caucho Resin 3.0.19
Caucho Resin 3.0.4
Caucho Resin 2.1.12
Caucho Resin 2.1.8
Caucho Resin 2.1.10
Caucho Resin 2.1.5
Caucho Resin 2.0.3
Caucho Resin 2.1.1
Caucho Resin 4.0.10
7.5
CVSSv2
CVE-2012-2966
Caucho Quercus, as distributed in Resin prior to 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors.
Caucho Resin 4.0.5
Caucho Resin 4.0.12
Caucho Resin 4.0.11
Caucho Resin 4.0.10
Caucho Resin 4.0.27
Caucho Resin 4.0.13
Caucho Resin 4.0.14
Caucho Resin 4.0.15
Caucho Resin 4.0.16
Caucho Resin 3.1.10
Caucho Resin 3.1.7
Caucho Resin 3.1.8
Caucho Resin 3.0.1
Caucho Resin 3.0.18
Caucho Resin 3.0.19
Caucho Resin 3.1.1
Caucho Resin 3.1.0
Caucho Resin 2.1.8
Caucho Resin 2.1.7
Caucho Resin 2.1.10
Caucho Resin 2.1.9
Caucho Resin 2.1.1
7.5
CVSSv2
CVE-2012-2967
Caucho Quercus, as distributed in Resin prior to 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors.
Caucho Resin
Caucho Resin 4.0.8
Caucho Resin 4.0.22
Caucho Resin 4.0.23
Caucho Resin 4.0.24
Caucho Resin 4.0.25
Caucho Resin 3.1.5
Caucho Resin 3.1.6
Caucho Resin 3.0.2
Caucho Resin 3.1.4
Caucho Resin 3.0.11
Caucho Resin 3.0.16
Caucho Resin 3.0.17
Caucho Resin 3.0.14
Caucho Resin 3.0.15
Caucho Resin 2.1.13
Caucho Resin 2.1.snap
Caucho Resin 2.1.11
Caucho Resin 2.1.16
Caucho Resin 2.0.5
Caucho Resin 2.0.0
Caucho Resin 2.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »