Vulnerabilities > PHP > PHP > 4.3.0

DATE CVE VULNERABILITY TITLE RISK
2003-07-24 CVE-2003-0442 Cross-Site Scripting vulnerability in PHP Transparent Session ID
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.
network
php redhat
4.3
4.3
2003-04-02 CVE-2003-0166 Unspecified vulnerability in PHP
Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.
network
low complexity
php
7.5
7.5
2003-03-03 CVE-2003-0097 Unspecified vulnerability in PHP 4.3.0
Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect).
network
low complexity
php
7.5
7.5