Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-1700
The session extension in PHP 4 prior to 4.4.5, and PHP 5 prior to 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent malicious users to execute arbitrary code via a craf...
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0.0
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.3
Php Php 5.1.4
Php Php 4.0.3
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
1 EDB exploit
755
VMScore
CVE-2007-1633
Directory traversal vulnerability in bbcode_ref.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the name parameter, as demonstrated by injecting PHP sequences into...
Giorgio Ciranni Splatt Forum 4.0 Rc1
1 EDB exploit
755
VMScore
CVE-2007-0535
Multiple eval injection vulnerabilities in Vote! Pro 4.0, and possibly earlier, allow remote malicious users to execute arbitrary code via requests to unspecified PHP scripts with the poll_id parameter, which is supplied to eval function calls, a different set of vectors than CVE...
Vote Pro Vote Pro
1 EDB exploit
755
VMScore
CVE-2007-0395
PHP remote file inclusion vulnerability in libraries/grab_globals.lib.php in ComVironment 4.0 allows remote malicious users to execute arbitrary PHP code via a URL in the inc_dir parameter.
Comvironment Comvironment 4.0
1 EDB exploit
755
VMScore
CVE-2006-6690
rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 up to and including 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlare...
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 3.7.0
Typo3 Typo3 3.8
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
1 EDB exploit
755
VMScore
CVE-2006-5893
Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote malicious users to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
Iwonder Designs Storystream 0.4.0.0
1 EDB exploit
755
VMScore
CVE-2006-5062
PHP remote file inclusion vulnerability in templates/pb/language/lang_nl.php in PBLang (PBL) 4.66z and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the temppath parameter.
Pblang Pblang 4.66
Pblang Pblang
Pblang Pblang 4.0
Pblang Pblang 4.56 4.5 Rc2
Pblang Pblang 4.6
Pblang Pblang 4.63
Pblang Pblang 4.65
1 EDB exploit
755
VMScore
CVE-2006-4870
Multiple PHP remote file inclusion vulnerabilities in AEDating 4.1, and possibly earlier versions, allow remote malicious users to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) inc/design.inc.php or (2) inc/admin_design.inc.php.
Aewebworks Aedating
Aewebworks Aedating 4.0
1 EDB exploit
755
VMScore
CVE-2006-4828
PHP remote file inclusion vulnerability in zipndownload.php in PhotoPost 4.0 up to and including 4.6 allows remote malicious users to execute arbitrary PHP code via a URL in the PP_PATH parameter.
Photopost Photopost Php Pro 4.0
Photopost Photopost Php Pro 4.1
Photopost Photopost Php Pro 4.2
Photopost Photopost Php Pro 4.3
Photopost Photopost Php Pro 4.6
Photopost Photopost Php Pro 4.4
Photopost Photopost Php Pro 4.5
1 EDB exploit
755
VMScore
CVE-2006-4443
PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows remote malicious users to execute arbitrary PHP code via a URL in the config[BASE_DIR] parameter.
Alstrasoft Video Share Enterprise 4.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »