Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 2.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3455
PHP remote file inclusion vulnerability in include/admin.php in JnSHosts PHP Hosting Directory 2.0 allows remote malicious users to execute arbitrary PHP code via a URL in the rd parameter.
Jnshosts Php Hosting Directory 2.0
1 EDB exploit
NA
CVE-2009-1587
index.php in PHP Site Lock 2.0 allows remote malicious users to bypass authentication and obtain administrative access by setting the login_id, group_id, login_name, user_id, and user_type cookies to certain values.
Kalptarudemos Php Site Lock 2.0
1 EDB exploit
NA
CVE-2008-3454
JnSHosts PHP Hosting Directory 2.0 allows remote malicious users to bypass authentication and gain administrative access by setting the "adm" cookie value to 1.
Jnshosts Php Hosting Directory 2.0
1 EDB exploit
NA
CVE-2006-4190
Directory traversal vulnerability in autohtml.php in the AutoHTML module for PHP-Nuke allows local users to include arbitrary files via a .. (dot dot) in the name parameter for a modload operation.
Php-nuke Autohtml Module 2.0
1 EDB exploit
NA
CVE-2008-2565
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
Php-address Book Php-address Book 3.1.2
Php-address Book Php-address Book 3.1.1
Php-address Book Php-address Book 2.1.1
Php-address Book Php-address Book 2.1
Php-address Book Php-address Book 2.0
Php-address Book Php-address Book 3.4.4
Php-address Book Php-address Book 3.4.3
Php-address Book Php-address Book
Php-address Book Php-address Book 3.1.5
Php-address Book Php-address Book 2.6
Php-address Book Php-address Book 2.4
Php-address Book Php-address Book 3.4.8
Php-address Book Php-address Book 3.4.7
Php-address Book Php-address Book 3.4
Php-address Book Php-address Book 3.3.18
Php-address Book Php-address Book 3.1
Php-address Book Php-address Book 3.0
Php-address Book Php-address Book 1.2
Php-address Book Php-address Book 1.0
Php-address Book Php-address Book 3.4.2
Php-address Book Php-address Book 3.4.1
Php-address Book Php-address Book 3.1.4
3 EDB exploits
NA
CVE-2008-4319
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and previous versions allows remote malicious users to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters i...
Libra File Manager Php Filemanager 1.05
Libra File Manager Php Filemanager 1.08
Libra File Manager Php Filemanager
Libra File Manager Php Filemanager 1.17
Libra File Manager Php Filemanager 1.00
Libra File Manager Php Filemanager 1.03
1 EDB exploit
NA
CVE-2006-7169
PHP remote file inclusion vulnerability in includes/header_simple.php in Ultimate PHP Board (UPB) 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the _CONFIG[skin_dir] parameter.
Ultimate Php Board Ultimate Php Board
1 EDB exploit
NA
CVE-2014-3777
Directory traversal vulnerability in Reportico PHP Report Designer prior to 4.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the xmlin parameter.
Reportico Php Report Designer 2.3.1
Reportico Php Report Designer 2.3
Reportico Php Report Designer 2.2
Reportico Php Report Designer 2.1
Reportico Php Report Designer 2.0
Reportico Php Report Designer
Reportico Php Report Designer 3.2
Reportico Php Report Designer 3.1
Reportico Php Report Designer 3.0
Reportico Php Report Designer 1.0.4
Reportico Php Report Designer 1.0.3
Reportico Php Report Designer 1.0.2
Reportico Php Report Designer 1.0.1
Reportico Php Report Designer 2.7
Reportico Php Report Designer 2.5
Reportico Php Report Designer 2.0.1
Reportico Php Report Designer 1.0.6
Reportico Php Report Designer 2.6
Reportico Php Report Designer 2.4
Reportico Php Report Designer 1.0.5
Reportico Php Report Designer 1.0.0
NA
CVE-2009-3168
Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin/reset.php and (2) admin/user_add.php, which allows remote authenticated users to reset administrative passwords or add administrators via a direct request.
Mevin Basic Php Events Lister 2.0
NA
CVE-2006-6360
PHP remote file inclusion vulnerability in activate.php in PHP Upload Center 2.0 allows remote malicious users to execute arbitrary PHP code via a URL in the footerpage parameter.
Sergey Korostel Php Upload Center 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »