Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/04/25 1:22 a.m.3 views

CVE-2026-34415

Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable extensions .php4 due to an incorrect regex pattern. Unauthenticated attackers can exploit this flaw combined with authenticati...

9.8CVSS5.8AI score0.00429EPSS
Exploits0References1
NVD
NVDadded 2026/04/22 7:17 p.m.2 views

CVE-2026-34415

Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable extensions .php4 due to an incorrect regex pattern. Unauthenticated attackers can exploit this flaw combined with authenticati...

9.8CVSS0.00429EPSS
Exploits0References8
SUSE CVE
SUSE CVEadded 2023/02/15 6:19 a.m.1 views

SUSE CVE-2004-1064

The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute...

10CVSS6.9AI score0.01731EPSS
Exploits0References3
OSV
OSVadded 2022/10/21 1:15 p.m.2 views

CVE-2022-42205

PHPGurukul Hospital Management System In PHP V 4.0 is vulnerable to Cross Site Scripting XSS via add-patient.php...

5.4CVSS5.8AI score0.00224EPSS
Exploits1References1
OSV
OSVadded 2021/06/22 3:15 p.m.1 views

CVE-2020-22174

PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\book-appointment.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information...

7.5CVSS5.8AI score0.01984EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2008/05/07 12:0 a.m.3 views

PT-2008-3624 · Php +1 · Php +1

Name of the Vulnerable Software and Affected Versions: PHP versions 4.x through 4.4.7 PHP versions 5.x through 5.2.4 Description: The issue arises from the GENERATE SEED macro, which, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion...

10CVSS9.5AI score0.06231EPSS
Exploits3References41
Debian
Debianadded 2000/10/14 7:46 a.m.3 views

[SECURITY] New version of Debian php4 packages released (updated)

Package: php4 Vulnerability: possible remote exploit Debian-specific: no Vulnerable: yes Updated version: corrected URLs In versions of the PHP 4 packages before version 4.0.3, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the...

6AI score
Exploits0
Debian
Debianadded 2000/10/14 7:36 a.m.0 views

[SECURITY] New version of Debian php4 packages released

Package: php4 Vulnerability: possible remote exploit Debian-specific: no Vulnerable: yes In versions of the PHP 4 packages before version 4.0.3, several format string bugs could allow properly crafted requests to execute code as the user running PHP scripts on the web server. This problem is fixe...

6AI score
Exploits0
Rows per page
Query Builder