U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:php:php:4.0.4:rc4:*:*:*:*:*:*
  • CPE Name Search: true
There are 403 matching records.
Displaying matches 401 through 403.
Vuln ID Summary CVSS Severity
CVE-2002-0121

PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.

Published: March 25, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2001-0108

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.

Published: March 12, 2001; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2001-1385

The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.

Published: January 12, 2001; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM