Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0 vulnerabilities and exploits
(subscribe to this query)
365
VMScore
CVE-2006-4625
PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.5
Php Php 5.1.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.1.0
1 EDB exploit
760
VMScore
CVE-2007-1376
The shmop functions in PHP prior to 4.4.5, and prior to 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent malicious users to read and write arbitrary memory locations via arguments associated with an inappro...
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.4
Php Php 4.4.5
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.6
Php Php 5.2.0
Php Php 4.2.2
Php Php 4.2.3
2 EDB exploits
828
VMScore
CVE-2007-2844
PHP 4.x and 5.x prior to 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote malicious users to overwrite internal program memory and g...
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.0
Php Php 4.1.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 5.0.0
Php Php 5.0.1
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
755
VMScore
CVE-2007-1700
The session extension in PHP 4 prior to 4.4.5, and PHP 5 prior to 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent malicious users to execute arbitrary code via a craf...
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0.0
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.3
Php Php 5.1.4
Php Php 4.0.3
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
1 EDB exploit
605
VMScore
CVE-2007-1884
Multiple integer signedness errors in the printf function family in PHP 4 prior to 4.4.5 and PHP 5 prior to 5.2.1 on 64 bit machines allow context-dependent malicious users to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print f...
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.0
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.4.4
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 4.4.3
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.5
505
VMScore
CVE-2007-1380
The php_binary serialization handler in the session extension in PHP prior to 4.4.5, and 5.x prior to 5.2.1, allows context-dependent malicious users to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buff...
Php Php 4.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.1
Php Php 5.1.2
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.6
Php Php 4.3.7
1 EDB exploit
605
VMScore
CVE-2009-3558
The posix_mkfifo function in ext/posix/posix.c in PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 allows context-dependent malicious users to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
Php Php 2.0
Php Php 2.0b10
Php Php 3.0.15
Php Php 3.0.16
Php Php 3.0.6
Php Php 3.0.7
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.7
Php Php 5.2.5
Php Php 5.2.6
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.2
Php Php 3.0.3
Php Php 4.0.0
Php Php 4.0.7
454
VMScore
CVE-2007-1378
The ovrimos_longreadlen function in the Ovrimos extension for PHP prior to 4.4.5 allows context-dependent malicious users to write to arbitrary memory locations via the result_id and length arguments.
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.13
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.3
Php Php 3.0
Php Php 3.0.15
Php Php 3.0.17
Php Php 3.0.5
Php Php 3.0.7
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.3.0
Php Php 4.3.5
668
VMScore
CVE-2007-1888
Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x up to and including 5.x and other applications, allows context-dependent malicious users to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installat...
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
454
VMScore
CVE-2007-1379
The ovrimos_close function in the Ovrimos extension for PHP prior to 4.4.5 can trigger efree of an arbitrary address, which might allow context-dependent malicious users to execute arbitrary code.
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.7
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.2
Php Php 3.0
Php Php 3.0.13
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.7
Php Php 4.0.1
Php Php 4.0.3
Php Php 4.0.6
Php Php 4.2.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »