Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.3.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-4433
PHP prior to 4.4.3 and 5.x prior to 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote malicious users to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, whic...
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 4.0.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0
890
VMScore
CVE-2008-5557
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 up to and including 5.2.6 allows context-dependent malicious users to execute arbitrary code via a crafted string containing an HTML entity, which is not properly ...
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.0
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 4.3.1
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.8
Php Php 4.4.9
Php Php 4.4.1
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.2.0
Php Php 5.2.1
570
VMScore
CVE-2008-7068
The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent malicious users to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database e...
Php Php 4.1.0
Php Php 4.0.0
Php Php 4.0
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.3.4
Php Php 4.3.3
Php Php 4.2.2
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.2.0
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.4
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.2
Php Php 4.4.9
Php Php 4.3.7
Php Php 4.4.4
Php Php 5.2.6
465
VMScore
CVE-2006-4020
scanf.c in PHP 5.1.4 and previous versions, and 4.4.3 and previous versions, allows context-dependent malicious users to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a buffer...
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.4.2
Php Php 4.3.2
1 EDB exploit
625
VMScore
CVE-2006-5178
Race condition in the symlink function in PHP 5.1.6 and previous versions allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by...
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 5.0.2
1 EDB exploit
1 Github repository
755
VMScore
CVE-2007-1825
Buffer overflow in the imap_mail_compose function in PHP 5 prior to 5.2.1, and PHP 4 prior to 4.4.5, allows remote malicious users to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed b...
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.3
Php Php 5.1.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
1 EDB exploit
365
VMScore
CVE-2006-4625
PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.5
Php Php 5.1.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.1.0
1 EDB exploit
668
VMScore
CVE-2007-1885
Integer overflow in the str_replace function in PHP 4 prior to 4.4.5 and PHP 5 prior to 5.2.1 allows context-dependent malicious users to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length cou...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.0.3
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.3
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
760
VMScore
CVE-2007-1376
The shmop functions in PHP prior to 4.4.5, and prior to 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent malicious users to read and write arbitrary memory locations via arguments associated with an inappro...
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.4
Php Php 4.4.5
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.6
Php Php 5.2.0
Php Php 4.2.2
Php Php 4.2.3
2 EDB exploits
231
VMScore
CVE-2007-2509
CRLF injection vulnerability in the ftp_putcmd function in PHP prior to 4.4.7, and 5.x prior to 5.2.2 allows remote malicious users to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.1
Php Php 5.1.2
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »