Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.3.9 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0524
The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote malicious users to cause a denial of service (infinite loop) via a -8 size value.
Php Php 4.2.2
Php Php 4.3.9
Php Php 4.3.10
Php Php 5.0.3
NA
CVE-2005-0525
The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote malicious users to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length ...
Php Php 4.2.2
Php Php 4.3.9
Php Php 4.3.10
Php Php 5.0.3
NA
CVE-2004-1020
The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote malicious users to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected b...
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
1 EDB exploit
NA
CVE-2005-1042
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP prior to 4.3.11 may allow remote malicious users to execute arbitrary code via an IFD tag that leads to a negative byte count.
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.3.10
NA
CVE-2006-1014
Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent malicious users to read and create arbitrary files by pr...
Php Php 4.0.0
Php Php 4.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.4.0
1 EDB exploit
NA
CVE-2007-2727
The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP prior to 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-depen...
Php Php
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2.0
NA
CVE-2005-3353
The exif_read_data function in the Exif module in PHP prior to 4.4.1 allows remote malicious users to cause a denial of service (infinite loop) via a malformed JPEG image.
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.2.1
NA
CVE-2006-2660
Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x prior to 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from be...
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.2.2
NA
CVE-2005-3883
CRLF injection vulnerability in the mb_send_mail function in PHP prior to 5.1.0 might allow remote malicious users to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.0
Php Php 4.3.1
NA
CVE-2005-3388
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »