Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.2.3 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-0753
Race condition in the PCNTL extension in PHP prior to 5.3.4, when a user-defined signal handler exists, might allow context-dependent malicious users to cause a denial of service (memory corruption) via a large number of concurrent signals.
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.8
Php Php 4.4.9
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 5.3.0
Php Php 5.3.1
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
5
CVSSv2
CVE-2006-7243
PHP prior to 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent malicious users to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists...
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.8
Php Php 5.2.3
Php Php 5.2.4
2 Articles
6.8
CVSSv2
CVE-2010-4697
Use-after-free vulnerability in the Zend engine in PHP prior to 5.2.15 and 5.3.x prior to 5.3.4 might allow context-dependent malicious users to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset...
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.1.6
5
CVSSv2
CVE-2010-4699
The iconv_mime_decode_headers function in the Iconv extension in PHP prior to 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote malicious users to trigger an incomplete output array...
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.7
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.16
Php Php 2.0
Php Php 1.0
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.17
5
CVSSv2
CVE-2010-4409
Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and previous versions allows context-dependent malicious users to cause a denial of service (application crash) via an invalid argument.
Php Php 4.0
Php Php 4.0.0
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.16
Php Php 2.0
Php Php 1.0
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
1 EDB exploit
6.8
CVSSv2
CVE-2009-5016
Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP prior to 5.2.11 makes it easier for remote malicious users to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string that uses overlong UTF-8 encoding, a different vul...
Php Php 5.0.0
Php Php 5.1.1
Php Php 5.1.2
Php Php
Php Php 4.0
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.4.4
Php Php 4.4.5
Php Php 3.0.13
Php Php 3.0.12
Php Php 3.0.14
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.5
Php Php 5.1.6
Php Php 4.0.2
4.3
CVSSv2
CVE-2010-3715
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) the RemoveXSS function, and allow remote authenticated...
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.10
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
6
CVSSv2
CVE-2010-3716
The be_user_creation task in TYPO3 4.2.x prior to 4.2.15 and 4.3.x prior to 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.10
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
7.1
CVSSv2
CVE-2010-3714
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote malicious users to read a...
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.4.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
1 EDB exploit
5
CVSSv2
CVE-2010-3717
The t3lib_div::validEmail function in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly restrict input to filter_var FILTER_VALIDATE_EMAIL operations in PHP, which allows remote malicious users to cause a denial of service (memory consu...
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.4
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.3
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »