Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0.2 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2009-2304
index.php in Aardvark Topsites PHP 5.2.0 and previous versions allows remote malicious users to obtain sensitive information via a nonexistent account name in the u parameter in a rate action, which reveals the installation path in an error message.
Avatic Aardvark Topsites Php
Avatic Aardvark Topsites Php 5.1.2
Avatic Aardvark Topsites Php 5.0.3
Avatic Aardvark Topsites Php 5
Avatic Aardvark Topsites Php 4.2.2
Avatic Aardvark Topsites Php 4.1.1
Avatic Aardvark Topsites Php 4.0.2
668
VMScore
CVE-2006-4433
PHP prior to 4.4.3 and 5.x prior to 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote malicious users to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, whic...
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 4.0.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0
265
VMScore
CVE-2006-1494
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote malicious users to create files in arbitrary directories via the tempnam function.
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.10
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
1 EDB exploit
215
VMScore
CVE-2006-1608
The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0.0
Php Php 5.0
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.3.7
1 EDB exploit
570
VMScore
CVE-2008-7068
The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent malicious users to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database e...
Php Php 4.1.0
Php Php 4.0.0
Php Php 4.0
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.3.4
Php Php 4.3.3
Php Php 4.2.2
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.2.0
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.4
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.2
Php Php 4.4.9
Php Php 4.3.7
Php Php 4.4.4
Php Php 5.2.6
465
VMScore
CVE-2006-4020
scanf.c in PHP 5.1.4 and previous versions, and 4.4.3 and previous versions, allows context-dependent malicious users to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a buffer...
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.4.2
Php Php 4.3.2
1 EDB exploit
625
VMScore
CVE-2006-5178
Race condition in the symlink function in PHP 5.1.6 and previous versions allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by...
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 5.0.2
1 EDB exploit
1 Github repository
755
VMScore
CVE-2007-1825
Buffer overflow in the imap_mail_compose function in PHP 5 prior to 5.2.1, and PHP 4 prior to 4.4.5, allows remote malicious users to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed b...
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.3
Php Php 5.1.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
1 EDB exploit
445
VMScore
CVE-2009-2303
index.php in Aardvark Topsites PHP 5.2.1 and previous versions allows remote malicious users to obtain sensitive information via a negative integer value for the start parameter in a search action, which reveals the installation path in an error message.
Avatic Aardvark Topsites Php 5
Avatic Aardvark Topsites Php 5.1.2
Avatic Aardvark Topsites Php 4.0.2
Avatic Aardvark Topsites Php 4.2.2
Avatic Aardvark Topsites Php 4.1.1
Avatic Aardvark Topsites Php 5.2.0
Avatic Aardvark Topsites Php 5.0.3
Avatic Aardvark Topsites Php
365
VMScore
CVE-2006-4625
PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.5
Php Php 5.1.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »