VulnerableCode Vulnerability Details - VCID-rnhz-y1dn-pqfg

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-rnhz-y1dn-pqfg

Essentials
Severities (9)
References (11)
Severity details (0)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-rnhz-y1dn-pqfg
Aliases	CVE-2015-4148
Summary	Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution, or cause a Denial of Service condition.
Status	Published
Exploitability	2.0
Weighted Severity	0.2
Risk	0.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

System	Score	Found at
epss	0.16938	https://api.first.org/data/v1/epss?cve=CVE-2015-4148
epss	0.16938	https://api.first.org/data/v1/epss?cve=CVE-2015-4148
epss	0.16938	https://api.first.org/data/v1/epss?cve=CVE-2015-4148
epss	0.16938	https://api.first.org/data/v1/epss?cve=CVE-2015-4148
epss	0.16938	https://api.first.org/data/v1/epss?cve=CVE-2015-4148
epss	0.16938	https://api.first.org/data/v1/epss?cve=CVE-2015-4148
epss	0.16938	https://api.first.org/data/v1/epss?cve=CVE-2015-4148
epss	0.16938	https://api.first.org/data/v1/epss?cve=CVE-2015-4148
epss	0.16938	https://api.first.org/data/v1/epss?cve=CVE-2015-4148

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4148.json
		https://api.first.org/data/v1/epss?cve=CVE-2015-4148
1226916		https://bugzilla.redhat.com/show_bug.cgi?id=1226916
CVE-2015-4148;OSVDB-125855;OSVDB-119772	Exploit	http://lab.truel.it/d/advisories/TL-2015-PHP04.txt
CVE-2015-4148;OSVDB-125855;OSVDB-119772	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/38304.py
GLSA-201606-10		https://security.gentoo.org/glsa/201606-10
RHSA-2015:1053		https://access.redhat.com/errata/RHSA-2015:1053
RHSA-2015:1066		https://access.redhat.com/errata/RHSA-2015:1066
RHSA-2015:1135		https://access.redhat.com/errata/RHSA-2015:1135
RHSA-2015:1218		https://access.redhat.com/errata/RHSA-2015:1218
USN-2658-1		https://usn.ubuntu.com/2658-1/

Data source	Exploit-DB
Date added	Sept. 24, 2015
Description	SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration
Ransomware campaign use	Unknown
Source publication date	Sept. 24, 2015
Exploit type	webapps
Platform	php
Source update date	Sept. 24, 2015
Source URL	http://lab.truel.it/d/advisories/TL-2015-PHP04.txt

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Percentile	0.94937
EPSS Score	0.16938
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:02:49.850835+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201606-10	38.0.0