Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 3.0 vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-6796
PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input field.
Multilanguage Real Estate Mlm Script Project Multilanguage Real Estate Mlm Script 3.0
7.5
CVSSv2
CVE-2017-17098
The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) up to and including 3.0 allows remote malicious users to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_...
Gps-server Gps Tracking Software
1 EDB exploit
5
CVSSv2
CVE-2017-3883
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote malicious user to cause an affected device to reload. The vulnerability...
Cisco Firepower Extensible Operating System
Cisco Fxos 2.3
Cisco Nx-os 5.2
Cisco Nx-os 6.2
Cisco Nx-os 6.3
Cisco Nx-os 7.3
Cisco Nx-os 8.1
Cisco Nx-os 8.2
Cisco Nx-os
Cisco Nx-os 7.0
Cisco Nx-os 7.0\\(3\\)i3\\(1\\)
Cisco Nx-os 7.1\\(0.1\\)
Cisco Nx-os 6.1
Cisco Nx-os 2.5
Cisco Nx-os 3.0
Cisco Nx-os 3.1
Cisco Nx-os 3.2
7.5
CVSSv2
CVE-2014-8684
CodeIgniter prior to 3.0 and Kohana 3.2.3 and previous versions and 3.3.x up to and including 3.3.2 make it easier for remote malicious users to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators t...
Kohanaframework Kohana 3.3.1
Codeigniter Codeigniter
Kohanaframework Kohana 3.3.0
Kohanaframework Kohana 3.2.3
1 EDB exploit
7.5
CVSSv2
CVE-2016-3153
SPIP 2.x prior to 2.1.19, 3.0.x prior to 3.0.22, and 3.1.x prior to 3.1.1 allows remote malicious users to execute arbitrary PHP code by adding content, related to the filtrer_entites function.
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Spip Spip 3.0.0
Spip Spip 3.0.9
Spip Spip 3.0.8
Spip Spip 3.0.7
Spip Spip 2.1.6
Spip Spip 2.1.5
Spip Spip 2.1.4
Spip Spip 2.1.3
Spip Spip 2.0.8
Spip Spip 3.1.0
Spip Spip 3.0.20
Spip Spip 3.0.2
Spip Spip 3.0.14
Spip Spip 3.0.15
Spip Spip 3.0.16
Spip Spip 3.0.17
Spip Spip 2.1.15
Spip Spip 2.1.14
Spip Spip 2.1.13
Spip Spip 2.1.12
7.5
CVSSv2
CVE-2016-3154
The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x prior to 2.1.19, 3.0.x prior to 3.0.22, and 3.1.x prior to 3.1.1 allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object.
Spip Spip 3.0.1
Spip Spip 3.0.0
Spip Spip 3.0.9
Spip Spip 3.0.8
Spip Spip 2.1.7
Spip Spip 2.1.6
Spip Spip 2.1.5
Spip Spip 2.1.4
Spip Spip 2.0.9
Spip Spip 2.0.8
Spip Spip 2.0.7
Spip Spip 2.0.6
Spip Spip 2.0.14
Spip Spip 2.0.13
Spip Spip 2.0.12
Spip Spip 2.0.11
Spip Spip 3.1.0
Spip Spip 3.0.14
Spip Spip 3.0.15
Spip Spip 3.0.16
Spip Spip 3.0.17
Spip Spip 2.1.17
7.5
CVSSv2
CVE-2015-5501
The Hostmaster (Aegir) module 6.x-2.x prior to 6.x-2.4 and 7.x-3.x prior to 7.x-3.0-beta2 for Drupal allows remote malicious users to execute arbitrary PHP code via a crafted file in the directory used to write Apache vhost files for hosted sites in a multi-site environment.
Aegirproject Hostmaster 6.x-2.1
Aegirproject Hostmaster 6.x-2.2
Aegirproject Hostmaster 6.x-2.3
Aegirproject Hostmaster 6.x-3.0
Aegirproject Hostmaster 6.x-2.0
5
CVSSv2
CVE-2014-2268
views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote malicious users to re-install the application via a request that sets the X-Requested-With HTTP header, as demonstrated by executing arbitrary PHP co...
Vtiger Vtiger Crm 1.0
Vtiger Vtiger Crm 2.0
Vtiger Vtiger Crm 2.0.1
Vtiger Vtiger Crm 2.1
Vtiger Vtiger Crm 5.0.2
Vtiger Vtiger Crm 5.0.3
Vtiger Vtiger Crm 5.0.4
Vtiger Vtiger Crm 5.1.0
Vtiger Vtiger Crm 4
Vtiger Vtiger Crm 4.0
Vtiger Vtiger Crm 4.0.1
Vtiger Vtiger Crm 5.4.0
Vtiger Vtiger Crm 6.0.0
Vtiger Vtiger Crm 3.0
Vtiger Vtiger Crm 4.2
Vtiger Vtiger Crm 5.0.0
Vtiger Vtiger Crm 5.2.1
Vtiger Vtiger Crm 3.2
Vtiger Vtiger Crm 4.2.4
Vtiger Vtiger Crm 5.0.1
Vtiger Vtiger Crm 5.2.0
Vtiger Vtiger Crm 5.3.0
1 EDB exploit
6.5
CVSSv2
CVE-2014-5324
Unrestricted file upload vulnerability in the N-Media file uploader plugin prior to 3.4 for WordPress allows remote authenticated users to execute arbitrary PHP code by leveraging Author privileges to store a file.
Najeebmedia N-media File Uploader 3.0
Najeebmedia N-media File Uploader 3.1
Najeebmedia N-media File Uploader
Najeebmedia N-media File Uploader 3.2
5
CVSSv2
CVE-2014-3777
Directory traversal vulnerability in Reportico PHP Report Designer prior to 4.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the xmlin parameter.
Reportico Php Report Designer 2.3.1
Reportico Php Report Designer 2.3
Reportico Php Report Designer 2.2
Reportico Php Report Designer 2.1
Reportico Php Report Designer 2.0
Reportico Php Report Designer
Reportico Php Report Designer 3.2
Reportico Php Report Designer 3.1
Reportico Php Report Designer 3.0
Reportico Php Report Designer 1.0.4
Reportico Php Report Designer 1.0.3
Reportico Php Report Designer 1.0.2
Reportico Php Report Designer 1.0.1
Reportico Php Report Designer 2.7
Reportico Php Report Designer 2.5
Reportico Php Report Designer 2.0.1
Reportico Php Report Designer 1.0.6
Reportico Php Report Designer 2.6
Reportico Php Report Designer 2.4
Reportico Php Report Designer 1.0.5
Reportico Php Report Designer 1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »