Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.0.7 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-1392
PHP 4.0 with cURL functions allows remote malicious users to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function.
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.7
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.0.1
Php Php 4.0
Php Php 4.0.6
1 EDB exploit
5
CVSSv2
CVE-2002-0986
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote malicious users to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.2.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.0.1
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.2
Php Php 3.0.18
Php Php 4.2.1
5
CVSSv2
CVE-2002-1783
CRLF injection vulnerability in PHP 4.2.1 up to and including 4.2.3, when allow_url_fopen is enabled, allows remote malicious users to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file fu...
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.2.2
Php Php 3.0.17
Php Php 4.0.7
Php Php 4.1.1
Php Php 3.0.15
Php Php 3.0.16
Php Php 4.2.3
Php Php 4.0.6
Php Php 4.1.2
Php Php 3.0.18
Php Php 4.2.1
Php Php 4.0.3
Php Php 3.0.14
7.5
CVSSv2
CVE-2003-0166
Integer signedness error in emalloc() function for PHP prior to 4.3.2 allow remote malicious users to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly ...
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 4.2.2
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.2.1
Php Php 4.0.1
Php Php 4.0.3
3 EDB exploits
10
CVSSv2
CVE-2003-0860
Buffer overflows in PHP prior to 4.3.3 have unknown impact and unknown attack vectors.
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 4.0.7
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.0.1
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.2.1
Php Php 4.2
10
CVSSv2
CVE-2003-0861
Integer overflows in (1) base64_encode and (2) the GD library for PHP prior to 4.3.3 have unknown impact and unknown attack vectors.
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 4.0.7
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.0.1
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.2.1
Php Php 4.2
2.6
CVSSv2
CVE-2007-2727
The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP prior to 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-depen...
Php Php 4.3.9
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 4.3.6
Php Php 4.0.7
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.3
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.3.1
5
CVSSv2
CVE-2005-3883
CRLF injection vulnerability in the mb_send_mail function in PHP prior to 5.1.0 might allow remote malicious users to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
Php Php 4.3.9
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.3.0
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.3.3
Php Php 4.1.1
Php Php 5.0.3
Php Php 4.2.3
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.3.1
5
CVSSv2
CVE-2002-0484
move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote malicious users to upload files to unintended locations on the system.
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 3.0.8
Php Php 3.0.13
Php Php 4.0.7
Php Php 3.0.7
Php Php 3.0.6
Php Php 4.0.3
Php Php 3.0.17
Php Php 4.0.2
Php Php 4.1.1
Php Php 3.0.15
Php Php 3.0.16
Php Php 3.0.10
Php Php 3.0.4
Php Php 4.0.1
1 EDB exploit
10
CVSSv2
CVE-2006-4812
Integer overflow in PHP 5 up to 5.1.6 and 4 prior to 4.3.0 allows remote malicious users to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function ...
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.0.4
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.1.1
Php Php 5.0.3
Php Php 4.2.3
Php Php 5.1.0
Php Php 4.0.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »