Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 3.0.2 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2010-0983
PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the root parameter, a different vector than CVE-2007-2156.
Utilo Rezervi
1 EDB exploit
6.8
CVSSv2
CVE-2009-3558
The posix_mkfifo function in ext/posix/posix.c in PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 allows context-dependent malicious users to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 3.0.13
Php Php 5.2.5
Php Php 4.3.7
Php Php 4.2.2
Php Php
Php Php 4.4.2
Php Php 3.0.7
Php Php 4.3.2
Php Php 4.3.11
6.8
CVSSv2
CVE-2008-5906
Eval injection vulnerability in the web interface plugin in KTorrent prior to 3.1.4 allows remote malicious users to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.
Ktorrent Ktorrent 2.0.3
Ktorrent Ktorrent 1.1
Ktorrent Ktorrent 3.0.2
Ktorrent Ktorrent 3.1.2
Ktorrent Ktorrent 2.2
Ktorrent Ktorrent 2.0
Ktorrent Ktorrent 2.2.1
Ktorrent Ktorrent 2.2.8
Ktorrent Ktorrent 2.1
Ktorrent Ktorrent 2.1.1
Ktorrent Ktorrent 2.2.2
Ktorrent Ktorrent
Ktorrent Ktorrent 2.1.2
Ktorrent Ktorrent 2.0.1
Ktorrent Ktorrent 1.2
Ktorrent Ktorrent 2.2.5
Ktorrent Ktorrent 2.1.4
Ktorrent Ktorrent 2.2.7
Ktorrent Ktorrent 3.0
Ktorrent Ktorrent 3.0.1
Ktorrent Ktorrent 3.0.0
Ktorrent Ktorrent 2.2.3
6.5
CVSSv2
CVE-2019-11376
SOY CMS v3.0.2 allows remote malicious users to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own.
Brassica Soy Cms 3.0.2
6.5
CVSSv2
CVE-2013-7344
Unspecified vulnerability in core/settings.php in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this issue was SPLIT from CVE-2013-0303 due to different affected versions.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud
Owncloud Owncloud 4.5.1
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 3.0.1
6.5
CVSSv2
CVE-2013-1850
Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud prior to 4.0.13 and 4.5.x prior to 4.5.8 allow remote authenticated users to execute arbitrary PHP code by uploading a .htaccess file.
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.5.2
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 4.0.11
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.9
6.5
CVSSv2
CVE-2012-5610
Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud prior to 4.0.9 and 4.5.x prior to 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a special crafted name.
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
6.5
CVSSv2
CVE-2012-5609
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud prior to 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted mount.php file in a ZIP file.
Owncloud Owncloud 4.0.3
Owncloud Owncloud
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.0.6
Owncloud Owncloud 4.0.5
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.0.2
Owncloud Owncloud 3.0.0
Owncloud Owncloud 3.0.2
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.4
Owncloud Owncloud 3.0.1
6.4
CVSSv2
CVE-2012-2969
Caucho Quercus, as distributed in Resin prior to 4.0.29, allows remote malicious users to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request.
Caucho Resin 2.0.2
Caucho Resin 4.0.7
Caucho Resin 3.1.4
Caucho Resin 2.1.0
Caucho Resin 3.1.11
Caucho Resin 3.0.16
Caucho Resin 4.0.12
Caucho Resin 4.0.18
Caucho Resin 2.1.6
Caucho Resin 4.0.21
Caucho Resin 3.0.7
Caucho Resin 2.1.8
Caucho Resin 4.0.1
Caucho Resin 3.0.19
Caucho Resin 3.0.14
Caucho Resin 2.1.12
Caucho Resin 2.1.11
Caucho Resin 2.1.13
Caucho Resin 2.1.9
Caucho Resin 4.0.22
Caucho Resin 3.1.10
Caucho Resin 4.0.15
6.4
CVSSv2
CVE-2011-2202
The rfc1867_post_handler function in main/rfc1867.c in PHP prior to 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote malicious users to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, v...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.1
Php Php 4.2.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 4.3.6
Php Php 3.0.13
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »