Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0.7 vulnerabilities and exploits
(subscribe to this query)
465
VMScore
CVE-2007-1835
PHP 4 prior to 4.4.5 and PHP 5 prior to 5.2.1, when using an empty session save path (session.save_path), uses the TMPDIR default after checking the restrictions, which allows local users to bypass open_basedir restrictions.
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
1 EDB exploit
645
VMScore
CVE-2006-1015
Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote malicious users to read and create arbitrary files via the sendmail -...
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
Php Php 5.0.1
Php Php 4.0.7
1 EDB exploit
505
VMScore
CVE-2006-1490
PHP prior to 5.1.3-RC1 might allow remote malicious users to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NO...
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
Php Php 5.0.1
Php Php 4.0.7
1 EDB exploit
445
VMScore
CVE-2007-1460
The zip:// URL wrapper provided by the PECL zip extension in PHP prior to 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote malicious users to read ZIP archives located outside of the intended directories.
Php Php 4.3.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 4.3.6
Php Php 3.0.13
Php Php
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
Php Php 3.0.7
435
VMScore
CVE-2007-3799
The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote malicious users to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) t...
Php Php 4.3.9
Php Php 4.0
Php Php 4.2.0
Php Php 4.4.4
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.0.0
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.3.3
Php Php 4.1.1
Php Php 4.4.3
Php Php 4.2.3
1 EDB exploit
668
VMScore
CVE-2007-4658
The money_format function in PHP 5 prior to 5.2.4, and PHP 4 prior to 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.0.4
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.3
Php Php 5.0.3
Php Php 5.1.0
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.1.3
Php Php 5.2.10
Php Php 5.0.2
Php Php 5.2.1
445
VMScore
CVE-2009-3557
The tempnam function in ext/standard/file.c in PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 allows context-dependent malicious users to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.
Php Php 4.4.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 3.0.13
Php Php 5.2.5
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
Php Php 3.0.7
Php Php 4.3.2
Php Php 4.3.11
465
VMScore
CVE-2006-3011
The error_log function in basic_functions.c in PHP prior to 4.4.4 and 5.x prior to 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.
Php Php 4.3.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 4.3.6
Php Php 3.0.13
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
Php Php 3.0.7
Php Php 4.3.2
Php Php 4.3.11
1 EDB exploit
383
VMScore
CVE-2011-0753
Race condition in the PCNTL extension in PHP prior to 5.3.4, when a user-defined signal handler exists, might allow context-dependent malicious users to cause a denial of service (memory corruption) via a large number of concurrent signals.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.1
Php Php 4.2.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 4.3.6
Php Php 3.0.13
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
392
VMScore
CVE-2011-0754
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP prior to 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat struc...
Php Php
Php Php 1.0
Php Php 2.0
Php Php 2.0b10
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 3.0.3
Php Php 3.0.4
Php Php 3.0.5
Php Php 3.0.6
Php Php 3.0.7
Php Php 3.0.8
Php Php 3.0.9
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.16
Php Php 3.0.17
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »