Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.6 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-2665
Directory traversal vulnerability in the posix_access function in PHP 5.2.6 and previous versions allows remote malicious users to bypass safe_mode restrictions via a .. (dot dot) in an http URL, which results in the URL being canonicalized to a local filename after the safe_mode...
Php Php 5.2.6
5
CVSSv2
CVE-2009-1272
The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x prior to 5.2.9 allows context-dependent malicious users to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction.
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.2
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.3
Php Php 5.2.1
5
CVSSv2
CVE-2009-1271
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x prior to 5.2.9 allows remote malicious users to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function.
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.5
Php Php 5.2.7
Php Php 5.2.6
Php Php 5.2.0
Php Php 5.2.8
6.4
CVSSv2
CVE-2010-1128
The Linear Congruential Generator (LCG) in PHP prior to 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent malicious users to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniq...
Php Php 5.2.9
Php Php 5.2.8
Php Php 5.2.0
Php Php 5.2.11
Php Php 5.2.10
Php Php 5.2.1
Php Php 5.2.3
Php Php 5.2.2
Php Php
Php Php 5.2.5
Php Php 5.2.4
Php Php 5.2.7
Php Php 5.2.6
1 EDB exploit
7.5
CVSSv2
CVE-2010-1129
The safe_mode implementation in PHP prior to 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent malicious users to bypass intended access restrictions via vectors related to use of the tempnam function.
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.12
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.10
Php Php 5.2.11
5
CVSSv2
CVE-2010-2484
The strrchr function in PHP 5.2 prior to 5.2.14 allows context-dependent malicious users to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler.
Php Php 5.2.11
Php Php 5.2.5
Php Php 5.2.2
Php Php 5.2.9
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.2.13
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.3
Php Php 5.2.1
7.5
CVSSv2
CVE-2008-5625
PHP 5 prior to 5.2.7 does not enforce the error_log safe_mode restrictions when safe_mode is enabled through a php_admin_flag setting in httpd.conf, which allows context-dependent malicious users to write to arbitrary files by placing a "php_value error_log" entry in a ...
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.0.0
Php Php
Php Php 5.2.5
Php Php 5.1.6
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.1.5
Php Php 5.1.4
Php Php 5.0.3
Php Php 5.0.2
Php Php 5.0.1
1 EDB exploit
5
CVSSv2
CVE-2010-2093
Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 prior to 5.2.13 and 5.3 prior to 5.3.2 allows context-dependent malicious users to cause a denial of service (crash) via a stream context structure that is freed before destruction occurs.
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.3.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.3.1
4.6
CVSSv2
CVE-2006-3011
The error_log function in basic_functions.c in PHP prior to 4.4.4 and 5.x prior to 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.
Php Php 1.0
Php Php 2.0b10
Php Php 3.0
Php Php 3.0.2
Php Php 3.0.10
Php Php 3.0.13
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.14
Php Php 3.0.8
Php Php 3.0.5
Php Php 4.0.6
Php Php 4.0.5
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 2.0
Php Php 3.0.11
Php Php 3.0.18
1 EDB exploit
5
CVSSv2
CVE-2008-2829
php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer o...
Php Php
Php Php 5.2.6
Php Php 5.2.5
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 7.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »