Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 2.0 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2009-4836
Eval injection vulnerability in system/services/init.php in Movie PHP Script 2.0 allows remote malicious users to execute arbitrary PHP code via the anticode parameter.
Moviephp Movie Php Script 2.0
1 EDB exploit
755
VMScore
CVE-2008-4721
PHP Jabbers Post Comment 3.0 allows remote malicious users to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."
Php Jabbers Post Comment 2.0
1 EDB exploit
755
VMScore
CVE-2008-3454
JnSHosts PHP Hosting Directory 2.0 allows remote malicious users to bypass authentication and gain administrative access by setting the "adm" cookie value to 1.
Jnshosts Php Hosting Directory 2.0
1 EDB exploit
1000
VMScore
CVE-2008-3455
PHP remote file inclusion vulnerability in include/admin.php in JnSHosts PHP Hosting Directory 2.0 allows remote malicious users to execute arbitrary PHP code via a URL in the rd parameter.
Jnshosts Php Hosting Directory 2.0
1 EDB exploit
765
VMScore
CVE-2008-2565
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
Php-address Book Php-address Book 3.1.2
Php-address Book Php-address Book 3.1.1
Php-address Book Php-address Book 2.1.1
Php-address Book Php-address Book 2.1
Php-address Book Php-address Book 2.0
Php-address Book Php-address Book 3.4.4
Php-address Book Php-address Book 3.4.3
Php-address Book Php-address Book
Php-address Book Php-address Book 3.1.5
Php-address Book Php-address Book 2.6
Php-address Book Php-address Book 2.4
Php-address Book Php-address Book 3.4.8
Php-address Book Php-address Book 3.4.7
Php-address Book Php-address Book 3.4
Php-address Book Php-address Book 3.3.18
Php-address Book Php-address Book 3.1
Php-address Book Php-address Book 3.0
Php-address Book Php-address Book 1.2
Php-address Book Php-address Book 1.0
Php-address Book Php-address Book 3.4.2
Php-address Book Php-address Book 3.4.1
Php-address Book Php-address Book 3.1.4
3 EDB exploits
645
VMScore
CVE-2008-4319
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and previous versions allows remote malicious users to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters i...
Libra File Manager Php Filemanager 1.05
Libra File Manager Php Filemanager 1.08
Libra File Manager Php Filemanager
Libra File Manager Php Filemanager 1.17
Libra File Manager Php Filemanager 1.00
Libra File Manager Php Filemanager 1.03
1 EDB exploit
685
VMScore
CVE-2006-7169
PHP remote file inclusion vulnerability in includes/header_simple.php in Ultimate PHP Board (UPB) 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the _CONFIG[skin_dir] parameter.
Ultimate Php Board Ultimate Php Board
1 EDB exploit
445
VMScore
CVE-2014-3777
Directory traversal vulnerability in Reportico PHP Report Designer prior to 4.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the xmlin parameter.
Reportico Php Report Designer 2.3.1
Reportico Php Report Designer 2.3
Reportico Php Report Designer 2.2
Reportico Php Report Designer 2.1
Reportico Php Report Designer 2.0
Reportico Php Report Designer
Reportico Php Report Designer 3.2
Reportico Php Report Designer 3.1
Reportico Php Report Designer 3.0
Reportico Php Report Designer 1.0.4
Reportico Php Report Designer 1.0.3
Reportico Php Report Designer 1.0.2
Reportico Php Report Designer 1.0.1
Reportico Php Report Designer 2.7
Reportico Php Report Designer 2.5
Reportico Php Report Designer 2.0.1
Reportico Php Report Designer 1.0.6
Reportico Php Report Designer 2.6
Reportico Php Report Designer 2.4
Reportico Php Report Designer 1.0.5
Reportico Php Report Designer 1.0.0
755
VMScore
CVE-2007-1845
SQL injection vulnerability in show_event.php in the Expanded Calendar (calendar_panel) 2.00 module for PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the m_month parameter.
Php Fusion Expanded Calendar Module 2.0
1 EDB exploit
578
VMScore
CVE-2009-3168
Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin/reset.php and (2) admin/user_add.php, which allows remote authenticated users to reset administrative passwords or add administrators via a direct request.
Mevin Basic Php Events Lister 2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »