Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.2 vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2008-5814
Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and previous versions, when display_errors is enabled, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is...
Php Php
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.5
Php Php 5.0.0
Php Php 5
Php Php 4.4.9
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.3.4
Php Php 4.3.0
Php Php 4.1.0
Php Php 4.2.1
Php Php 4.0
Php Php 4.1.1
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.0.1
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.11
Php Php 3.0.10
5
CVSSv2
CVE-2005-1043
exif.c in PHP prior to 4.3.11 allows remote malicious users to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.2
Php Php 4.3.9
Sgi Propack 3.0
Php Php 4.3.0
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.3.3
Php Php 4.3.4
Conectiva Linux 10.0
Conectiva Linux 9.0
Apple Mac Os X Server 10.3.9
Apple Mac Os X Server 10.4
Suse Suse Linux 4.2
Suse Suse Linux 4.3
Suse Suse Linux 4.4
Suse Suse Linux 6.1
Suse Suse Linux 6.4
Apple Mac Os X 10.4
7.5
CVSSv2
CVE-2005-1222
cat_for_gen.php in Annuaire Netref 4.2 allows remote malicious users to execute arbitrary PHP code by setting the ad_direct parameter to reference cat_for_gen.php, then including the code in the m_for_racine parameter, which is then written to cat_for_gen.php.
Netref Netref 4.2
1 EDB exploit
7.5
CVSSv2
CVE-2006-5289
Multiple PHP remote file inclusion vulnerabilities in Vtiger CRM 4.2 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the calpath parameter to (1) modules/Calendar/admin/update.php, (2) modules/Calendar/admin/scheme.php, or (3) modules...
Vtiger Vtiger Crm 4.2
1 EDB exploit
6.8
CVSSv2
CVE-2007-0123
Unrestricted file upload vulnerability in Uber Uploader 4.2 allows remote malicious users to upload and execute arbitrary PHP scripts by naming them with a .phtml extension, which bypasses the .php extension check but is still executable on some server configurations.
Uber Uploader Uber Uploader 4.2
7.5
CVSSv2
CVE-2005-4011
SQL injection vulnerability in calendar.php in Codewalkers ltwCalendar (aka PHP Event Calendar) 4.2, 4.1.3, and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Codewalkers Ltwcalendar
1 EDB exploit
4.3
CVSSv2
CVE-2017-12810
PHPJabbers PHP Newsletter Script 4.2 has stored XSS in lists in the admin panel.
Stivasoft Phpjabbers Newsletter Script 4.2
NA
CVE-2023-30090
Semcms Shop v4.2 exists to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. This vulnerability allows malicious users to execute arbitrary code via uploading a crafted PHP file.
Sem-cms Semcms 4.2
5
CVSSv2
CVE-2006-6229
Codewalkers ltwCalendar (aka PHP Event Calendar) prior to 4.2.1 logs failed passwords, which might allow malicious users to infer correct passwords from the log file.
Codewalkers Ltwcalendar 4.1.3
Codewalkers Ltwcalendar 4.2
6.8
CVSSv2
CVE-2006-6228
Cross-site scripting (XSS) vulnerability in Codewalkers ltwCalendar (aka PHP Event Calendar) prior to 4.2.1 allows remote malicious users to inject arbitrary HTML or web script via unknown vectors.
Codewalkers Ltwcalendar 4.1.3
Codewalkers Ltwcalendar 4.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »