Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.2 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2005-3390
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote malicious users to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS&...
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 5.0.2
Php Php 5.0.3
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
1 EDB exploit
454
VMScore
CVE-2007-1379
The ovrimos_close function in the Ovrimos extension for PHP prior to 4.4.5 can trigger efree of an arbitrary address, which might allow context-dependent malicious users to execute arbitrary code.
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.7
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.2
Php Php 3.0
Php Php 3.0.13
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.7
Php Php 4.0.1
Php Php 4.0.3
Php Php 4.0.6
Php Php 4.2.3
668
VMScore
CVE-2007-1888
Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x up to and including 5.x and other applications, allows context-dependent malicious users to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installat...
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
454
VMScore
CVE-2007-1378
The ovrimos_longreadlen function in the Ovrimos extension for PHP prior to 4.4.5 allows context-dependent malicious users to write to arbitrary memory locations via the result_id and length arguments.
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.13
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.3
Php Php 3.0
Php Php 3.0.15
Php Php 3.0.17
Php Php 3.0.5
Php Php 3.0.7
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.3.0
Php Php 4.3.5
685
VMScore
CVE-2007-1001
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allow context-dependent malicious users to execute arbitrary code via Wireless Bitmap (WBMP) ...
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.1
Php Php 5.1.2
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
1 EDB exploit
685
VMScore
CVE-2007-1582
The resource system in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error ...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.0
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.10
Php Php 4.3.11
1 EDB exploit
505
VMScore
CVE-2007-1717
The mail function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 truncates e-mail messages at the first ASCIIZ ('\0') byte, which might allow context-dependent malicious users to prevent intended information from being delivered in e-mail mes...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.1
Php Php 4.1.0
1 EDB exploit
685
VMScore
CVE-2007-1583
The mb_parse_str function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote malicious users to invoke available PHP scripts with...
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.2
Php Php 5.1.3
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
1 EDB exploit
454
VMScore
CVE-2008-4107
The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows malicious users to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset funct...
Php Php 4.4.7
Php Php 4.3.9
Php Php 4.3.8
Php Php 4.3.11
Php Php 4.3.10
Php Php 4.2.1
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.3
Php Php 4.4.6
Php Php 4.4.5
Php Php 4.3.7
Php Php 4.3.6
Php Php 4.3.1
Php Php 4.3.0
Php Php 4.1.0
Php Php 4.1.2
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.0.1
Php Php 4.4.1
Php Php 4.4.0
785
VMScore
CVE-2007-1718
CRLF injection vulnerability in the mail function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows remote malicious users to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.3
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.3
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »