Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.2.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-3292
Unspecified vulnerability in PHP prior to 5.2.11, and 5.3.x prior to 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.2.3
Php Php 5.0
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 1.0
Php Php 2.0b10
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.3
Php Php 4.0.7
Php Php 5.1.4
Php Php 5.1.5
7.5
CVSSv2
CVE-2009-3293
Unspecified vulnerability in the imagecolortransparent function in PHP prior to 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index."
Php Php 4.3.6
Php Php 4.3.5
Php Php 4.2.0
Php Php 4.4.5
Php Php 5.0.0
Php Php 4.3.7
Php Php 4.4.4
Php Php 5.1.0
Php Php 5.0.5
Php Php 5.0.2
Php Php 5.0.1
Php Php 4.2
Php Php 4.4.9
Php Php 3.0.1
Php Php 3.0
Php Php 3.0.17
Php Php 3.0.16
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0
Php Php 4.0.6
Php Php 4.0.1
7.5
CVSSv2
CVE-2008-3072
Simple Machines Forum (SMF) 1.1.x prior to 1.1.5 and 1.0.x prior to 1.0.13, when running in PHP prior to 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vectors.
Simple Machines Simple Machines Forum
7.5
CVSSv2
CVE-2007-4658
The money_format function in PHP 5 prior to 5.2.4, and PHP 4 prior to 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.2.0
Php Php 5.1.4
Php Php 5.1.0
Php Php 5.2.12
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.11
Php Php 5.0.5
Php Php 5.2.13
Php Php 5.1.6
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.1
Php Php 5.1.5
Php Php 5.2.14
7.5
CVSSv2
CVE-2007-4606
PHP remote file inclusion vulnerability in convert/mvcw_conver.php in the Virtual War (VWar) module for PHPNuke-Clan (PNC) 4.2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the vwar_root parameter, a different vector than CVE-200...
Phpnuke-clan Phpnuke-clan
1 EDB exploit
7.5
CVSSv2
CVE-2007-1890
Integer overflow in the msg_receive function in PHP 4 prior to 4.4.5 and PHP 5 prior to 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent malicious users to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff.
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-1885
Integer overflow in the str_replace function in PHP 4 prior to 4.4.5 and PHP 5 prior to 5.2.1 allows context-dependent malicious users to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length cou...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.0.3
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.3
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
7.5
CVSSv2
CVE-2007-1888
Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x up to and including 5.x and other applications, allows context-dependent malicious users to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installat...
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
7.5
CVSSv2
CVE-2007-1825
Buffer overflow in the imap_mail_compose function in PHP 5 prior to 5.2.1, and PHP 4 prior to 4.4.5, allows remote malicious users to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed b...
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.3
Php Php 5.1.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-1777
Integer overflow in the zip_read_entry function in PHP 4 prior to 4.4.5 allows remote malicious users to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overfl...
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.18
Php Php 3.0.2
Php Php 3.0.9
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.3
Php Php 3.0.4
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.0
Php Php 4.2.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »