Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 3.0.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-2336
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote malicious users to cause a denial of service (resource consumptio...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
NA
CVE-2011-4898
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote malicious users to co...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
NA
CVE-2011-4899
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions does not ensure that the specified MySQL database service is appropriate, which allows remote malicious users to configure an arbitrary database via the dbhost and dbname parameters, ...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
NA
CVE-2012-0782
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) dbhost, (2) dbname, or (3) uname parameter. NOTE...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
NA
CVE-2011-3818
WordPress 2.9.2 and 3.0.4 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by wp-admin/includes/user.php and certain other files.
Wordpress Wordpress 3.0.4
Wordpress Wordpress 2.9.2
NA
CVE-2011-3267
PHP prior to 5.3.7 does not properly implement the error_log function, which allows context-dependent malicious users to cause a denial of service (application crash) via unspecified vectors.
Php Php 4.3.11
Php Php 4.3.4
Php Php 4.2.2
Php Php 4.4.5
Php Php 4.4.6
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.4
Php Php 5.0.5
Php Php 5.0.0
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.2
Php Php 1.0
Php Php 5.3.0
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 4.0
Php Php 3.0.9
Php Php 4.3.3
Php Php 4.3.6
NA
CVE-2011-3268
Buffer overflow in the crypt function in PHP prior to 5.3.7 allows context-dependent malicious users to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483.
Php Php 4.3.11
Php Php 4.3.4
Php Php 4.2.2
Php Php 4.3.10
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.2.0
Php Php 4.2.3
Php Php 4.3.7
Php Php 5.2.11
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.1
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.2.10
Php Php 5.2.4
Php Php 3.0.1
Php Php 3.0
NA
CVE-2011-3182
PHP prior to 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveragi...
Php Php 4.3.3
Php Php 4.3.6
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.3.9
Php Php 5.2.8
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.2.9
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.0
Php Php 2.0b10
Php Php 2.0
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0
Php Php 4.0.6
1 EDB exploit
NA
CVE-2011-2202
The rfc1867_post_handler function in main/rfc1867.c in PHP prior to 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote malicious users to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, v...
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
1 EDB exploit
NA
CVE-2011-0708
exif.c in the Exif extension in PHP prior to 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote malicious users to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
Php Php 4.0.2
Php Php 4.0.3
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.13
Php Php 5.2.11
Php Php 5.2.14
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »