Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3292
Unspecified vulnerability in PHP prior to 5.2.11, and 5.3.x prior to 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.2.3
Php Php 5.0
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 1.0
Php Php 2.0b10
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.3
Php Php 4.0.7
Php Php 5.1.4
Php Php 5.1.5
NA
CVE-2005-1043
exif.c in PHP prior to 4.3.11 allows remote malicious users to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.2
Php Php 4.3.9
Sgi Propack 3.0
Php Php 4.3.0
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.3.3
Php Php 4.3.4
Conectiva Linux 10.0
Conectiva Linux 9.0
Apple Mac Os X Server 10.3.9
Apple Mac Os X Server 10.4
Suse Suse Linux 4.2
Suse Suse Linux 4.3
Suse Suse Linux 4.4
Suse Suse Linux 6.1
Suse Suse Linux 6.4
Apple Mac Os X 10.4
NA
CVE-2005-1222
cat_for_gen.php in Annuaire Netref 4.2 allows remote malicious users to execute arbitrary PHP code by setting the ad_direct parameter to reference cat_for_gen.php, then including the code in the m_for_racine parameter, which is then written to cat_for_gen.php.
Netref Netref 4.2
1 EDB exploit
NA
CVE-2006-5289
Multiple PHP remote file inclusion vulnerabilities in Vtiger CRM 4.2 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the calpath parameter to (1) modules/Calendar/admin/update.php, (2) modules/Calendar/admin/scheme.php, or (3) modules...
Vtiger Vtiger Crm 4.2
1 EDB exploit
NA
CVE-2007-0123
Unrestricted file upload vulnerability in Uber Uploader 4.2 allows remote malicious users to upload and execute arbitrary PHP scripts by naming them with a .phtml extension, which bypasses the .php extension check but is still executable on some server configurations.
Uber Uploader Uber Uploader 4.2
NA
CVE-2005-4011
SQL injection vulnerability in calendar.php in Codewalkers ltwCalendar (aka PHP Event Calendar) 4.2, 4.1.3, and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Codewalkers Ltwcalendar
1 EDB exploit
6.1
CVSSv3
CVE-2017-12810
PHPJabbers PHP Newsletter Script 4.2 has stored XSS in lists in the admin panel.
Stivasoft Phpjabbers Newsletter Script 4.2
9.8
CVSSv3
CVE-2023-30090
Semcms Shop v4.2 exists to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. This vulnerability allows malicious users to execute arbitrary code via uploading a crafted PHP file.
Sem-cms Semcms 4.2
NA
CVE-2006-6229
Codewalkers ltwCalendar (aka PHP Event Calendar) prior to 4.2.1 logs failed passwords, which might allow malicious users to infer correct passwords from the log file.
Codewalkers Ltwcalendar 4.1.3
Codewalkers Ltwcalendar 4.2
NA
CVE-2006-6228
Cross-site scripting (XSS) vulnerability in Codewalkers ltwCalendar (aka PHP Event Calendar) prior to 4.2.1 allows remote malicious users to inject arbitrary HTML or web script via unknown vectors.
Codewalkers Ltwcalendar 4.1.3
Codewalkers Ltwcalendar 4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »