Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0.5 vulnerabilities and exploits
(subscribe to this query)
454
VMScore
CVE-2008-4107
The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows malicious users to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset funct...
Php Php 4.4.7
Php Php 4.3.9
Php Php 4.3.8
Php Php 4.3.11
Php Php 4.3.10
Php Php 4.2.1
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.3
Php Php 4.4.6
Php Php 4.4.5
Php Php 4.3.7
Php Php 4.3.6
Php Php 4.3.1
Php Php 4.3.0
Php Php 4.1.0
Php Php 4.1.2
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.0.1
Php Php 4.4.1
Php Php 4.4.0
785
VMScore
CVE-2007-1718
CRLF injection vulnerability in the mail function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows remote malicious users to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.3
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.3
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
1 EDB exploit
755
VMScore
CVE-2007-1777
Integer overflow in the zip_read_entry function in PHP 4 prior to 4.4.5 allows remote malicious users to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overfl...
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.18
Php Php 3.0.2
Php Php 3.0.9
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.3
Php Php 3.0.4
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.0
Php Php 4.2.1
1 EDB exploit
465
VMScore
CVE-2007-1835
PHP 4 prior to 4.4.5 and PHP 5 prior to 5.2.1, when using an empty session save path (session.save_path), uses the TMPDIR default after checking the restrictions, which allows local users to bypass open_basedir restrictions.
Php Php 4.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.7
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.6
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 4.0.2
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
1 EDB exploit
694
VMScore
CVE-2007-1883
PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via t...
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.6
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
685
VMScore
CVE-2004-0595
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore nul...
Avaya Converged Communications Server 2.0
Redhat Fedora Core Core 1.0
Redhat Fedora Core Core 2.0
Trustix Secure Linux 1.5
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Php Php 4.0
Php Php 4.0.1
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.2
Php Php 4.3.3
Avaya S8300 R2.0.0
Avaya S8300 R2.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.5
Php Php 4.3.6
Avaya S8500 R2.0.0
1 EDB exploit
505
VMScore
CVE-2006-1490
PHP prior to 5.1.3-RC1 might allow remote malicious users to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NO...
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
Php Php 5.0.1
Php Php 4.0.7
1 EDB exploit
645
VMScore
CVE-2006-1015
Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote malicious users to read and create arbitrary files via the sendmail -...
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.4
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.17
Php Php 3.0.18
1 EDB exploit
445
VMScore
CVE-2007-1460
The zip:// URL wrapper provided by the PECL zip extension in PHP prior to 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote malicious users to read ZIP archives located outside of the intended directories.
Php Php 3.0
Php Php 3.0.2
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.3
Php Php 4.0.5
Php Php 4.0.4
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.0.7
Php Php 4.4.5
Php Php 5.2.1
Php Php 3.0.13
Php Php 3.0.1
Php Php 3.0.14
Php Php 3.0.16
Php Php 3.0.6
Php Php 4.0.0
435
VMScore
CVE-2007-3799
The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote malicious users to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) t...
Php Php 4.3.10
Php Php 4.3.1
Php Php 4.2.1
Php Php 4.2.0
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.0.1
Php Php 4.0.0
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.2.3
Php Php 4.2.2
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.0
Php Php 4.1.2
Php Php 4.1.1
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.3.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »