Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.2.2 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2005-3390
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote malicious users to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS&...
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 5.0.2
Php Php 5.0.3
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
1 EDB exploit
715
VMScore
CVE-2010-3714
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote malicious users to read a...
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.4.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
1 EDB exploit
694
VMScore
CVE-2007-1883
PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via t...
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.6
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
694
VMScore
CVE-2007-1461
The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP prior to 4.4.7, and 5.x prior to 5.2.2, does not implement safemode or open_basedir checks, which allows remote malicious users to read bzip2 archives located outside of the intended directories.
Php Php 5.0.5
Php Php 5.1.1
Php Php 5.1.6
Php Php 5.2.1
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.4
Php Php 5.1.0
Php Php 5.2.0
Php Php
Php Php 4.3.4
Php Php 4.3.6
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.4.3
Php Php 4.0
685
VMScore
CVE-2010-5099
The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.9, and 4.4.x prior to 4.4.5 does not properly filter file types, which allows remote malicious users to bypass intended access restrictions and access arb...
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.15
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.7
Typo3 Typo3 4.3.8
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
1 EDB exploit
685
VMScore
CVE-2007-1001
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allow context-dependent malicious users to execute arbitrary code via Wireless Bitmap (WBMP) ...
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.1
Php Php 5.1.2
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
1 EDB exploit
685
VMScore
CVE-2007-1583
The mb_parse_str function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote malicious users to invoke available PHP scripts with...
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.2
Php Php 5.1.3
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
1 EDB exploit
685
VMScore
CVE-2007-1582
The resource system in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error ...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.0
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.10
Php Php 4.3.11
1 EDB exploit
685
VMScore
CVE-2006-7026
PHP remote file inclusion vulnerability in sources/join.php in Aardvark Topsites PHP 4.2.2 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the CONFIG[path] parameter, a different vector than CVE-200...
Avatic Aardvark Topsites Php
1 EDB exploit
685
VMScore
CVE-2004-0595
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore nul...
Avaya Converged Communications Server 2.0
Redhat Fedora Core Core 1.0
Redhat Fedora Core Core 2.0
Trustix Secure Linux 1.5
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Php Php 4.0
Php Php 4.0.1
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.2
Php Php 4.3.3
Avaya S8300 R2.0.0
Avaya S8300 R2.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.5
Php Php 4.3.6
Avaya S8500 R2.0.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »