Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.3.2 vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2008-7068
The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent malicious users to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database e...
Php Php 4.1.0
Php Php 4.0.0
Php Php 4.0
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.3.4
Php Php 4.3.3
Php Php 4.2.2
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.2.0
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.4
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.2
Php Php 4.4.9
Php Php 4.3.7
Php Php 4.4.4
Php Php 5.2.6
231
VMScore
CVE-2008-5814
Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and previous versions, when display_errors is enabled, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is...
Php Php
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.5
Php Php 5.0.0
Php Php 5
Php Php 4.4.9
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.3.4
Php Php 4.3.0
Php Php 4.1.0
Php Php 4.2.1
Php Php 4.0
Php Php 4.1.1
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.0.1
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.11
Php Php 3.0.10
890
VMScore
CVE-2008-5557
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 up to and including 5.2.6 allows context-dependent malicious users to execute arbitrary code via a crafted string containing an HTML entity, which is not properly ...
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.0
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 4.3.1
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.8
Php Php 4.4.9
Php Php 4.4.1
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.2.0
Php Php 5.2.1
1000
VMScore
CVE-2008-5060
Multiple PHP remote file inclusion vulnerabilities in ModernBill 4.4 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the DIR parameter to (1) export_batch.inc.php, (2) run_auto_suspend.cron.php, and (3) send_email_cache.php in include...
Modernbill Modernbill 2.01
Modernbill Modernbill 2.02s
Modernbill Modernbill 4.1.1
Modernbill Modernbill 4.1.2
Modernbill Modernbill 4.1.3
Modernbill Modernbill 4.0.2
Modernbill Modernbill 3.1.3
Modernbill Modernbill
Modernbill Modernbill 3.0
Modernbill Modernbill 3.1.0
Modernbill Modernbill 4.2.1
Modernbill Modernbill 4.3.0
Modernbill Modernbill 4.0.1
Modernbill Modernbill 4.3.2
1 EDB exploit
454
VMScore
CVE-2008-4107
The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows malicious users to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset funct...
Php Php 4.4.7
Php Php 4.3.9
Php Php 4.3.8
Php Php 4.3.11
Php Php 4.3.10
Php Php 4.2.1
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.3
Php Php 4.4.6
Php Php 4.4.5
Php Php 4.3.7
Php Php 4.3.6
Php Php 4.3.1
Php Php 4.3.0
Php Php 4.1.0
Php Php 4.1.2
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.0.1
Php Php 4.4.1
Php Php 4.4.0
668
VMScore
CVE-2007-4658
The money_format function in PHP 5 prior to 5.2.4, and PHP 4 prior to 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.2.0
Php Php 5.1.4
Php Php 5.1.0
Php Php 5.2.12
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.11
Php Php 5.0.5
Php Php 5.2.13
Php Php 5.1.6
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.1
Php Php 5.1.5
Php Php 5.2.14
445
VMScore
CVE-2007-4652
The session extension in PHP prior to 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.
Php Php
Php Php 4.3.10
Php Php 4.3.5
Php Php 4.2.1
Php Php 5.0.0
Php Php 4.4.4
Php Php 5.0.5
Php Php 5.1.6
Php Php 5.2.0
Php Php 5.1.4
Php Php 4.4.8
Php Php 4.4.9
Php Php 3.0
Php Php 3.0.2
Php Php 4.0
Php Php 4.3.11
Php Php 4.3.4
Php Php 4.2.2
Php Php 4.4.5
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.1.3
1 EDB exploit
435
VMScore
CVE-2007-3799
The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote malicious users to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) t...
Php Php 4.3.10
Php Php 4.3.1
Php Php 4.2.1
Php Php 4.2.0
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.0.1
Php Php 4.0.0
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.2.3
Php Php 4.2.2
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.0
Php Php 4.1.2
Php Php 4.1.1
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.3.3
1 EDB exploit
828
VMScore
CVE-2007-2844
PHP 4.x and 5.x prior to 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote malicious users to overwrite internal program memory and g...
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.0
Php Php 4.1.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 5.0.0
Php Php 5.0.1
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
231
VMScore
CVE-2007-2727
The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP prior to 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-depen...
Php Php 4.3.9
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 4.3.6
Php Php 4.0.7
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.2.2
Php Php 4.0.3
Php Php 4.3.7
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.0.1
Php Php 4.3.3
Php Php 4.1.1
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »