Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-5062
PHP remote file inclusion vulnerability in templates/pb/language/lang_nl.php in PBLang (PBL) 4.66z and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the temppath parameter.
Pblang Pblang 4.6
Pblang Pblang 4.63
Pblang Pblang 4.0
Pblang Pblang 4.56 4.5 Rc2
Pblang Pblang 4.65
Pblang Pblang
Pblang Pblang 4.66
1 EDB exploit
7.5
CVSSv2
CVE-2006-4870
Multiple PHP remote file inclusion vulnerabilities in AEDating 4.1, and possibly earlier versions, allow remote malicious users to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) inc/design.inc.php or (2) inc/admin_design.inc.php.
Aewebworks Aedating 4.0
Aewebworks Aedating
1 EDB exploit
7.5
CVSSv2
CVE-2006-4828
PHP remote file inclusion vulnerability in zipndownload.php in PhotoPost 4.0 up to and including 4.6 allows remote malicious users to execute arbitrary PHP code via a URL in the PP_PATH parameter.
Photopost Photopost Php Pro 4.2
Photopost Photopost Php Pro 4.0
Photopost Photopost Php Pro 4.1
Photopost Photopost Php Pro 4.3
Photopost Photopost Php Pro 4.5
Photopost Photopost Php Pro 4.6
Photopost Photopost Php Pro 4.4
1 EDB exploit
7.5
CVSSv2
CVE-2006-4443
PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows remote malicious users to execute arbitrary PHP code via a URL in the config[BASE_DIR] parameter.
Alstrasoft Video Share Enterprise 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-4433
PHP prior to 4.4.3 and 5.x prior to 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote malicious users to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, whic...
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.4.2
Php Php 4.3.2
Php Php 4.3.11
7.5
CVSSv2
CVE-2006-3957
PHP remote file inclusion vulnerability in payment.php in BosDev BosDates allows remote malicious users to execute arbitrary PHP code via a URL in the insPath parameter.
Bosdev Bosdates 3.1
Bosdev Bosdates 4.0
Bosdev Bosdates 3.0
Bosdev Bosdates 3.2
1 EDB exploit
7.5
CVSSv2
CVE-2006-2888
PHP remote file inclusion vulnerability in _wk/wk_lang.php in Wikiwig 4.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the WK[wkPath] parameter.
Wikiwig Wikiwig 4.1
Wikiwig Wikiwig 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2005-4227
Multiple "potential" SQL injection vulnerabilities in DCP-Portal 6.1.1 might allow remote malicious users to execute arbitrary SQL commands via (1) the password and username parameters in advertiser.php, (2) the aid parameter in announcement.php, (3) the dcp5_member_id,...
Codeworx Technologies Dcp-portal 3.7
Codeworx Technologies Dcp-portal 5.3.2
Codeworx Technologies Dcp-portal 5.0.2
Codeworx Technologies Dcp-portal 5.2
Codeworx Technologies Dcp-portal 6.1.1
Codeworx Technologies Dcp-portal 4.1
Codeworx Technologies Dcp-portal 5.3
Codeworx Technologies Dcp-portal 5.0.1
Codeworx Technologies Dcp-portal 5.3.1
Codeworx Technologies Dcp-portal 6.0
Codeworx Technologies Dcp-portal 4.5.1
Codeworx Technologies Dcp-portal 4.2
Codeworx Technologies Dcp-portal 6.1
Codeworx Technologies Dcp-portal 4.0
Codeworx Technologies Dcp-portal 5.1
7.5
CVSSv2
CVE-2005-4087
PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the beanFiles array parameter.
Sugarcrm Sugar Suite 3.5
Sugarcrm Sugar Suite 4.0 Beta
2 EDB exploits
7.5
CVSSv2
CVE-2005-3159
SQL injection vulnerability in messages.php in PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158.
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »