Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0.2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-1392
PHP 4.0 with cURL functions allows remote malicious users to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0.7
1 EDB exploit
6.8
CVSSv2
CVE-2009-2608
Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2...
Chatelao Php Address Book 4.0.1
Chatelao Php Address Book 4.0.2
1 EDB exploit
5
CVSSv2
CVE-2002-0986
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote malicious users to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Php Php 3.0.18
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
7.5
CVSSv2
CVE-2003-0166
Integer signedness error in emalloc() function for PHP prior to 4.3.2 allow remote malicious users to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly ...
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2.0
3 EDB exploits
10
CVSSv2
CVE-2003-0860
Buffer overflows in PHP prior to 4.3.3 have unknown impact and unknown attack vectors.
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2
10
CVSSv2
CVE-2003-0861
Integer overflows in (1) base64_encode and (2) the GD library for PHP prior to 4.3.3 have unknown impact and unknown attack vectors.
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2
4.3
CVSSv2
CVE-2009-2302
Cross-site scripting (XSS) vulnerability in index.php in Aardvark Topsites PHP 5.2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the q parameter in a search action. NOTE: it was later reported that 5.2.1 is also affected.
Avatic Aardvark Topsites Php
Avatic Aardvark Topsites Php 4.0.2
Avatic Aardvark Topsites Php 4.1.1
Avatic Aardvark Topsites Php 4.2.2
Avatic Aardvark Topsites Php 5
Avatic Aardvark Topsites Php 5.0.3
Avatic Aardvark Topsites Php 5.1.2
1 EDB exploit
5
CVSSv2
CVE-2009-2304
index.php in Aardvark Topsites PHP 5.2.0 and previous versions allows remote malicious users to obtain sensitive information via a nonexistent account name in the u parameter in a rate action, which reveals the installation path in an error message.
Avatic Aardvark Topsites Php
Avatic Aardvark Topsites Php 4.0.2
Avatic Aardvark Topsites Php 4.1.1
Avatic Aardvark Topsites Php 4.2.2
Avatic Aardvark Topsites Php 5
Avatic Aardvark Topsites Php 5.0.3
Avatic Aardvark Topsites Php 5.1.2
5
CVSSv2
CVE-2009-2303
index.php in Aardvark Topsites PHP 5.2.1 and previous versions allows remote malicious users to obtain sensitive information via a negative integer value for the start parameter in a search action, which reveals the installation path in an error message.
Avatic Aardvark Topsites Php
Avatic Aardvark Topsites Php 4.0.2
Avatic Aardvark Topsites Php 4.1.1
Avatic Aardvark Topsites Php 4.2.2
Avatic Aardvark Topsites Php 5
Avatic Aardvark Topsites Php 5.0.3
Avatic Aardvark Topsites Php 5.1.2
Avatic Aardvark Topsites Php 5.2.0
5
CVSSv2
CVE-2005-3353
The exif_read_data function in the Exif module in PHP prior to 4.4.1 allows remote malicious users to cause a denial of service (infinite loop) via a malformed JPEG image.
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.2.1
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
authentication bypass
CVE-2024-43405
elevation of privilege
CVE-2025-22376
CVE-2025-0175
CVE-2025-0210
CVE-2024-49112
privilege escalation
CVE-2024-56514
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »