Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.2 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-10074
The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer prior to 5.4.5 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address in the ...
Swiftmailer Swiftmailer
3 EDB exploits
3 Github repositories
1 Article
8.8
CVSSv3
CVE-2021-25051
The Modal Window WordPress plugin prior to 5.2.2 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leading to CSRF RCE.
Wow-company Modal Window
7.5
CVSSv3
CVE-2017-7414
In Horde_Crypt prior to 2.7.6, as used in Horde Groupware Webmail Edition 5.x up to and including 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically veri...
Horde Groupware 5.1.0
Horde Groupware 5.2.1
Horde Groupware 5.2.2
Horde Groupware 5.0.0
Horde Groupware 5.0.4
Horde Groupware 5.0.5
Horde Groupware 5.1.5
Horde Groupware 5.2.0
Horde Groupware 5.2.7
Horde Groupware 5.0.2
Horde Groupware 5.0.3
Horde Groupware 5.1.3
Horde Groupware 5.1.4
Horde Groupware 5.2.5
Horde Groupware 5.2.6
Horde Groupware 5.0.1
Horde Groupware 5.1.1
Horde Groupware 5.1.2
Horde Groupware 5.2.3
Horde Groupware 5.2.4
7.5
CVSSv3
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.3.11
Php Php 5.3.12
Php Php 5.3.2
Php Php 5.3.20
Php Php 5.3.27
Php Php 5.3.28
Php Php 5.3.9
Php Php 5.4.0
Php Php 5.4.13
Php Php 5.4.14
Php Php 5.4.19
Php Php 5.4.2
Php Php 5.4.26
7.5
CVSSv3
CVE-2007-1285
The Zend Engine in PHP 4.x prior to 4.4.7, and 5.x prior to 5.2.2, allows remote malicious users to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.
Php Php
Canonical Ubuntu Linux 7.10
Novell Suse Linux 10.0
Novell Suse Linux 10.1
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 8
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
1 EDB exploit
NA
CVE-2015-6548
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway
NA
CVE-2015-5691
Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in the management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, as demonst...
Symantec Web Gateway
NA
CVE-2014-7285
The management console on the Symantec Web Gateway (SWG) appliance prior to 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
Symantec Web Gateway
1 EDB exploit
2 Github repositories
NA
CVE-2012-1171
The libxml RSHUTDOWN function in PHP 5.x allows remote malicious users to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.0
Php Php 5.2.14
Php Php 5.2.15
Php Php 5.2.16
Php Php 5.2.17
Php Php 5.3.13
Php Php 5.3.14
Php Php 5.3.15
Php Php 5.3.16
Php Php 5.3.4
Php Php 5.3.5
Php Php 5.3.6
Php Php 5.3.7
Php Php 5.4.14
Php Php 5.4.15
Php Php 5.4.16
Php Php 5.4.17
Php Php 5.4.9
NA
CVE-2011-4718
Session fixation vulnerability in the Sessions subsystem in PHP prior to 5.5.2 allows remote malicious users to hijack web sessions by specifying a session ID.
Php Php 5.5.0
Php Php 5.2.9
Php Php 5.4.12
Php Php 5.3.10
Php Php 5.3.27
Php Php 5.1.5
Php Php 5.4.15
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.3.24
Php Php 5.3.15
Php Php 5.3.8
Php Php 5.2.7
Php Php 5.2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »