Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 3.0.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1635
ext/soap/soap.c in PHP prior to 5.3.22 and 5.4.x prior to 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote malicious users to bypass intended access restrictions by triggering the creation of c...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
NA
CVE-2013-1643
The SOAP parser in PHP prior to 5.3.23 and 5.4.x prior to 5.4.13 allows remote malicious users to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the ...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
NA
CVE-2013-1453
plugins/system/highlight/highlight.php in Joomla! 3.0.x up to and including 3.0.2 and 2.5.x up to and including 2.5.8 allows malicious users to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and poss...
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.8
Joomla Joomla! 3.0.2
Joomla Joomla! 2.5.2
Joomla Joomla! 2.5.1
Joomla Joomla! 3.0.1
Joomla Joomla! 2.5.3
Joomla Joomla! 2.5.4
Joomla Joomla! 2.5.6
Joomla Joomla! 2.5.5
Joomla Joomla! 3.0.0
Joomla Joomla! 2.5.0
1 EDB exploit
NA
CVE-2012-5609
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud prior to 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted mount.php file in a ZIP file.
Owncloud Owncloud 4.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
NA
CVE-2012-5610
Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud prior to 4.0.9 and 4.5.x prior to 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a special crafted name.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
NA
CVE-2012-4437
Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) prior to 3.1.12 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception.
Smarty Smarty 1.4.3
Smarty Smarty 1.0
Smarty Smarty 1.0b
Smarty Smarty 2.3.1
Smarty Smarty 3.0.0
Smarty Smarty 2.6.0
Smarty Smarty 2.6.25
Smarty Smarty 3.0.5
Smarty Smarty 1.4.0
Smarty Smarty 1.4.5
Smarty Smarty 2.6.1
Smarty Smarty 2.6.7
Smarty Smarty 2.6.20
Smarty Smarty 2.3.0
Smarty Smarty 1.0a
Smarty Smarty 1.1.0
Smarty Smarty 2.6.15
Smarty Smarty 2.6.3
Smarty Smarty 2.6.14
Smarty Smarty 3.1.1
Smarty Smarty 2.5.0
Smarty Smarty 1.2.1
NA
CVE-2012-3572
Open Source Competency Center (OSCC) MyMeeting 3.0.1 and previous versions, and MyMesyuarat 09b-1, does not properly verify uploaded documents, which allows remote authenticated users to execute arbitrary PHP code via a crafted document.
Oscc Mymeeting
Nurul Hidayah Hamazulan Mymesyuarat 09b-1
NA
CVE-2012-4389
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud prior to 4.0.7 allows remote malicious users to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
NA
CVE-2012-4343
Multiple unspecified vulnerabilities in Gallery 3 prior to 3.0.4 allow malicious users to execute arbitrary PHP code via unknown vectors.
Menalto Gallery 3.0.1
Menalto Gallery 3.0
Menalto Gallery
Menalto Gallery 3.0.2
NA
CVE-2012-2965
Caucho Quercus, as distributed in Resin prior to 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue.
Caucho Resin 2.0.2
Caucho Resin 4.0.7
Caucho Resin 3.1.4
Caucho Resin 2.1.0
Caucho Resin 3.1.11
Caucho Resin 3.0.16
Caucho Resin 4.0.12
Caucho Resin 4.0.18
Caucho Resin 2.1.6
Caucho Resin 4.0.21
Caucho Resin 3.0.7
Caucho Resin 2.1.8
Caucho Resin 4.0.1
Caucho Resin 3.0.19
Caucho Resin 3.0.14
Caucho Resin 2.1.12
Caucho Resin 2.1.11
Caucho Resin 2.1.13
Caucho Resin 2.1.9
Caucho Resin 4.0.22
Caucho Resin 3.1.10
Caucho Resin 4.0.15
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »