Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 3.0.4 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-15185
PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows remote malicious users to cause a denial of service (page update outage) via crafted PHP and JavaScript code in the "Current Position" field.
Naukri Clone Script Project Naukri Clone Script 3.0.4
NA
CVE-2011-3818
WordPress 2.9.2 and 3.0.4 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by wp-admin/includes/user.php and certain other files.
Wordpress Wordpress 3.0.4
Wordpress Wordpress 2.9.2
5.4
CVSSv3
CVE-2018-15184
PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 has Stored XSS via the USERNAME field, a related issue to CVE-2018-6795.
Naukri Clone Script Project Naukri Clone Script 3.0.4
NA
CVE-2006-3116
Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.4 and 3.0.5 allow remote malicious users to execute arbitrary code via a URL in the phpraid_dir parameter to (1) configuration.php, (3) guilds.php, (4) index.php, (5) locations.php, (6) login.php, (7) lua_output.ph...
Spiffyjr Phpraid 3.0.5
Spiffyjr Phpraid 3.0.4
9.8
CVSSv3
CVE-2018-7477
SQL Injection exists in PHP Scripts Mall School Management Script 3.0.4 via the Username and Password fields to parents/Parent_module/parent_login.php.
School Management Script Project School Management Script 3.0.4
1 EDB exploit
NA
CVE-2005-0429
Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 up to and including 3.0.4, when showforumusers is enabled, allows remote malicious users to execute inject arbitrary PHP commands via the comma parameter.
Jelsoft Vbulletin 3.0.4
Jelsoft Vbulletin 3.0.1
Jelsoft Vbulletin 3.0.2
Jelsoft Vbulletin 3.0.3
Jelsoft Vbulletin 3.0
2 EDB exploits
NA
CVE-2008-7153
SQL injection vulnerability in the autoDetectRegion function in doceboCore/lib/lib.regset.php in Docebo 3.5.0.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Accept-Language HTTP header. NOTE: this can be leveraged to execute arbitr...
Docebo Docebo 3.5 Beta
Docebo Docebo
Docebo Docebo 3.0.3
Docebo Docebo 3.0.5
Docebo Docebo 3.0.4
2 EDB exploits
NA
CVE-2008-7154
Docebo 3.5.0.3 and previous versions allows remote malicious users to obtain sensitive information via a direct request to (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php, or (4) menu/menu_over.php in doceboCore/; or (5) class/class....
Docebo Docebo 3.5 Beta
Docebo Docebo
Docebo Docebo 3.0.3
Docebo Docebo 3.0.5
Docebo Docebo 3.0.4
1 EDB exploit
NA
CVE-2013-3242
plugins/system/remember/remember.php in Joomla! 2.5.x prior to 2.5.10 and 3.0.x prior to 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via ...
Joomla Joomla! 3.0.2
Joomla Joomla! 3.0.3
Joomla Joomla! 3.0.1
Joomla Joomla! 3.0.0
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.8
Joomla Joomla! 2.5.2
Joomla Joomla! 2.5.1
Joomla Joomla! 2.5.3
Joomla Joomla! 2.5.9
Joomla Joomla! 2.5.4
Joomla Joomla! 2.5.6
Joomla Joomla! 2.5.5
Joomla Joomla! 2.5.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-6383
Monstra CMS up to and including 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not the .pht or .phar extension, which allows remote authenticated Admins or Editors to execute arbitrary PHP code by uploading a file, a ...
Monstra Monstra
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »