Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.2 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2006-2460
Sugar Suite Open Source (SugarCRM) 4.2 and previous versions, when register_globals is enabled, does not protect critical variables such as $_GLOBALS and $_SESSION from modification, which allows remote malicious users to conduct attacks such as directory traversal or PHP remote ...
Sugarcrm Sugarcrm 3.5
Sugarcrm Sugarcrm 4.0
Sugarcrm Sugarcrm 4.1
Sugarcrm Sugarcrm 4.2
1 EDB exploit
5
CVSSv2
CVE-2012-3996
TikiWiki CMS/Groupware 8.3 and previous versions allows remote malicious users to obtain the installation path via a direct request to (1) admin/include_calendar.php, (2) tiki-rss_error.php, or (3) tiki-watershed_service.php.
Tiki Tikiwiki Cms\\/groupware 7.2
Tiki Tikiwiki Cms\\/groupware 7.0
Tiki Tikiwiki Cms\\/groupware 5.0
Tiki Tikiwiki Cms\\/groupware 4.1
Tiki Tikiwiki Cms\\/groupware 3.3
Tiki Tikiwiki Cms\\/groupware 3.5
Tiki Tikiwiki Cms\\/groupware 6.1
Tiki Tikiwiki Cms\\/groupware 6.0
Tiki Tikiwiki Cms\\/groupware 5.3
Tiki Tikiwiki Cms\\/groupware 5.2
Tiki Tikiwiki Cms\\/groupware 2.2
Tiki Tikiwiki Cms\\/groupware
Tiki Tikiwiki Cms\\/groupware 8.1
Tiki Tikiwiki Cms\\/groupware 8.0
Tiki Tikiwiki Cms\\/groupware 4.0
Tiki Tikiwiki Cms\\/groupware 4
Tiki Tikiwiki Cms\\/groupware 3.1
Tiki Tikiwiki Cms\\/groupware 3.0
Tiki Tikiwiki Cms\\/groupware 7.1
Tiki Tikiwiki Cms\\/groupware 6.2
Tiki Tikiwiki Cms\\/groupware 5.1
Tiki Tikiwiki Cms\\/groupware 4.2
2 EDB exploits
6.5
CVSSv2
CVE-2019-19745
Contao 4.0 up to and including 4.8.5 allows PHP local file inclusion. A back end user with access to the form generator can upload arbitrary files and execute them on the server.
Contao Contao 4.0
Contao Contao 4.1
Contao Contao 4.2
Contao Contao 4.3
Contao Contao
Contao Contao 4.5
Contao Contao 4.6
Contao Contao 4.7
5
CVSSv2
CVE-2001-1154
Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote malicious users to cause a denial of service (hang) using PHP IMAP clients.
Carnegie Mellon University Cyrus Imap Server 1.6.24
Carnegie Mellon University Cyrus Imap Server 2.0.15
Carnegie Mellon University Cyrus Imap Server 2.0.16
Bsdi Bsd Os 4.2
4.3
CVSSv2
CVE-2004-2740
PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and previous versions allows remote malicious users to include arbitrary PHP code via a URL in the path_pre parameter.
Phprojekt Phprojekt 2.0
Phprojekt Phprojekt 2.0.1
Phprojekt Phprojekt 3.1
Phprojekt Phprojekt 3.1a
Phprojekt Phprojekt 2.4a
Phprojekt Phprojekt 3.0
Phprojekt Phprojekt 2.1
Phprojekt Phprojekt 2.1a
Phprojekt Phprojekt 2.2
Phprojekt Phprojekt 3.2
Phprojekt Phprojekt 4.2
Phprojekt Phprojekt 2.3
Phprojekt Phprojekt 2.4
7.5
CVSSv2
CVE-2015-5074
Incomplete blacklist vulnerability in the FileUploadsFilter class in protected/components/filters/FileUploadsFilter.php in X2Engine X2CRM prior to 5.0.9 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a .pht extension.
X2engine X2crm
1 EDB exploit
7.5
CVSSv2
CVE-2019-5434
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploi...
Revive-sas Revive Adserver
1 EDB exploit
4.3
CVSSv2
CVE-2012-2143
The crypt_des (aka DES-based crypt) function in FreeBSD prior to 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent malicious user...
Postgresql Postgresql
Freebsd Freebsd 5.2.1
Freebsd Freebsd 7.4
Freebsd Freebsd 6.1
Freebsd Freebsd 3.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
Freebsd Freebsd 2.2.5
Freebsd Freebsd 5.5
Freebsd Freebsd 8.2
Freebsd Freebsd 5.4
Freebsd Freebsd 5.3
Freebsd Freebsd 2.2.2
Freebsd Freebsd 2.1.7
Freebsd Freebsd 4.11
Freebsd Freebsd 2.0.5
Freebsd Freebsd 8.0
Freebsd Freebsd 1.1.5.1
Freebsd Freebsd 4.5
Freebsd Freebsd 4.7
Freebsd Freebsd 7.0
Freebsd Freebsd
7.5
CVSSv2
CVE-2006-4073
Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz phpCC Beta 4.2 allow remote malicious users to execute arbitrary PHP code via a URL in the base_dir parameter to (1) login.php, (2) reactivate.php, or (3) register.php.
Phpcc Phpcc Beta 4.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-0757
PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 (CoD2) DreamStats System 4.2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the rootpath parameter.
Miguel Nunes Call Of Duty 2 Dreamstats System
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »