Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0 vulnerabilities and exploits
(subscribe to this query)
771
VMScore
CVE-2012-2311
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote malicious users to execute arbitrary code b...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
2 Github repositories
765
VMScore
CVE-2008-2565
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
Php-address Book Php-address Book 2.0
Php-address Book Php-address Book 3.4.8
Php-address Book Php-address Book 2.2
Php-address Book Php-address Book 3.4.4
Php-address Book Php-address Book 2.4
Php-address Book Php-address Book 3.4.1
Php-address Book Php-address Book 3.1
Php-address Book Php-address Book 3.1.2
Php-address Book Php-address Book 1.2
Php-address Book Php-address Book 3.4.2
Php-address Book Php-address Book 3.3.17
Php-address Book Php-address Book
Php-address Book Php-address Book 3.4.7
Php-address Book Php-address Book 2.1
Php-address Book Php-address Book 3.1.5
Php-address Book Php-address Book 3.1.1
Php-address Book Php-address Book 3.1.3
Php-address Book Php-address Book 3.0
Php-address Book Php-address Book 3.3.16
Php-address Book Php-address Book 3.1.4
Php-address Book Php-address Book 3.3.18
Php-address Book Php-address Book 3.4.3
3 EDB exploits
765
VMScore
CVE-2003-0166
Integer signedness error in emalloc() function for PHP prior to 4.3.2 allow remote malicious users to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly ...
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 4.2.2
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.2.1
Php Php 4.0.1
Php Php 4.0.3
3 EDB exploits
765
VMScore
CVE-2002-0229
Safe Mode feature (safe_mode) in PHP 3.0 up to and including 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 3.0.8
Php Php 3.0.13
Php Php 3.0.7
Php Php 3.0.6
Php Php 3.0.16
Php Php 3.0.10
Php Php 3.0.4
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.1.2
Php Php 3.0.12
Php Php 4.0.3
Php Php 3.0.9
3 EDB exploits
760
VMScore
CVE-2007-1376
The shmop functions in PHP prior to 4.4.5, and prior to 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent malicious users to read and write arbitrary memory locations via arguments associated with an inappro...
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
2 EDB exploits
760
VMScore
CVE-2006-7128
PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote malicious users to execute arbitrary PHP code via a URL in the website parameter.
Salims Softhouse Jaf Cms 4.0
2 EDB exploits
760
VMScore
CVE-2005-4087
PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the beanFiles array parameter.
Sugarcrm Sugar Suite 3.5
Sugarcrm Sugar Suite 4.0 Beta
2 EDB exploits
760
VMScore
CVE-2004-1870
Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and previous versions allow remote malicious users to gain users' passwords via the (1) photo parameter to addfav.php, (2) photo parameter to comments.php, (3) credit parameter to comments.php, (4) cat paramet...
Photopost Photopost Php Pro 4.0
Photopost Photopost Php Pro 3.1
Photopost Photopost Php Pro 4.1
Photopost Photopost Php Pro 3.3
Photopost Photopost Php Pro 4.6
Photopost Photopost Php Pro 4.8.1
Photopost Photopost Php Pro 3.2
2 EDB exploits
756
VMScore
CVE-2016-5734
phpMyAdmin 4.0.x prior to 4.0.10.16, 4.4.x prior to 4.4.15.7, and 4.6.x prior to 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote malicious users to execute arbitrary PHP code via a crafted string, as dem...
Phpmyadmin Phpmyadmin 4.0.10.15
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.0.3
Phpmyadmin Phpmyadmin 4.0.10.10
Phpmyadmin Phpmyadmin 4.0.10.13
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.10.1
Phpmyadmin Phpmyadmin 4.0.10.14
Phpmyadmin Phpmyadmin 4.0.6
Phpmyadmin Phpmyadmin 4.0.10.9
Phpmyadmin Phpmyadmin 4.0.4.1
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.10.7
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.0.10.3
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.10.11
1 EDB exploit
4 Github repositories
755
VMScore
CVE-2014-2044
Incomplete blacklist vulnerability in ajax/upload.php in ownCloud prior to 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream (ADS) synt...
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 4.5.12
Owncloud Owncloud 4.0.11
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.13
Owncloud Owncloud 4.5.11
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.9
Owncloud Owncloud 4.0.14
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.16
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »