Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0.1 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2001-0108
PHP Apache module 4.0.4 and previous versions allows remote malicious users to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.3
Php Php 4.0.4
Mandrakesoft Mandrake Linux 7.2
445
VMScore
CVE-2001-1385
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.3
Php Php 4.0.4
Mandrakesoft Mandrake Linux 7.2
445
VMScore
CVE-2002-0253
PHP, when not configured with the "display_errors = Off" setting in php.ini, allows remote malicious users to obtain the physical path for an include file via a trailing slash in a request to a directly accessible PHP program, which modifies the base path, causes the in...
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.1
Php Php 4.0
Php Php 4.1.0
Php Php 4.1.2
Php Php 4.0.5
Php Php 4.0.6
505
VMScore
CVE-2004-1392
PHP 4.0 with cURL functions allows remote malicious users to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.0.4
1 EDB exploit
445
VMScore
CVE-2002-0986
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote malicious users to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Php Php 4.0.3
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.1.2
Php Php 3.0.18
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.2
Php Php 4.0.7
Php Php 4.1.0
765
VMScore
CVE-2003-0166
Integer signedness error in emalloc() function for PHP prior to 4.3.2 allow remote malicious users to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly ...
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.1.2
3 EDB exploits
890
VMScore
CVE-2003-0860
Buffer overflows in PHP prior to 4.3.3 have unknown impact and unknown attack vectors.
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.3
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.0
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.2.2
Php Php 4.2
890
VMScore
CVE-2003-0861
Integer overflows in (1) base64_encode and (2) the GD library for PHP prior to 4.3.3 have unknown impact and unknown attack vectors.
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.7
Php Php 4.2.0
Php Php 4.2.2
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.2.1
Php Php 4.2.3
765
VMScore
CVE-2002-0229
Safe Mode feature (safe_mode) in PHP 3.0 up to and including 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
Php Php 3.0.13
Php Php 3.0.16
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.1.0
Php Php 4.1.2
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.5
Php Php 4.0.3
Php Php 4.0.4
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.6
Php Php 3.0.7
Php Php 4.0.5
Php Php 4.0.6
Php Php 3.0
Php Php 3.0.2
Php Php 3.0.3
Php Php 4.0
3 EDB exploits
540
VMScore
CVE-2005-3353
The exif_read_data function in the Exif module in PHP prior to 4.4.1 allows remote malicious users to cause a denial of service (infinite loop) via a malformed JPEG image.
Php Php 4.0.0
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.0.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »