Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

php php 5.3.12 vulnerabilities and exploits

(subscribe to this query)
668
VMScore
CVE-2012-2335
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote malicious users to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query s...
Php Php 5.4.2Php Php 5.3.12
445
VMScore
CVE-2012-6113
The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 up to and including 5.3.13 does not initialize a certain variable, which allows remote malicious users to obtain sensitive information from process memory by providing zero bytes of input data.
Php Php 5.3.10Php Php 5.3.9Php Php 5.3.12Php Php 5.3.11Php Php 5.3.13
265
VMScore
CVE-2012-3450
pdo_sql_parser.re in the PDO extension in PHP prior to 5.3.14 and 5.4.x prior to 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote malicious users to cause a denial of service (out-of-bounds read and applicati...
Php Php 5.3.11Php Php 5.3.4Php Php 5.3.9Php Php 5.3.2Php Php 5.3.12Php Php 5.3.8Php Php 5.3.6Php Php 5.3.5Php Php 5.4.2Php Php 5.4.3Php Php 5.3.1Php Php 5.3.7Php Php 5.4.0Php Php 5.4.1Php Php 5.3.3Php Php 5.3.0Php Php 5.3.10Php Php
520
VMScore
CVE-2012-2336
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote malicious users to cause a denial of service (resource consumptio...
Php Php 4.3.9Php Php 4.4.9Php Php 3.0Php Php 5.2.9Php Php 4.0Php Php 3.0.5Php Php 3.0.11Php Php 5.3.10Php Php 5.1.5Php Php 5.3.6Php Php 5.3.9Php Php 5.1.2Php Php 5.3.1Php Php 4.2.0Php Php 5.1.1Php Php 3.0.1Php Php 5.2.14Php Php 3.0.2Php Php 4.4.4Php Php 5.0.0Php Php 4.1.0Php Php 5.1.6
771
VMScore
CVE-2012-2311
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote malicious users to execute arbitrary code b...
Php Php 4.3.9Php Php 4.4.9Php Php 3.0Php Php 5.2.9Php Php 4.0Php Php 3.0.5Php Php 3.0.11Php Php 5.3.10Php Php 5.1.5Php Php 5.3.6Php Php 5.3.9Php Php 5.1.2Php Php 5.3.1Php Php 4.2.0Php Php 5.1.1Php Php 3.0.1Php Php 5.2.14Php Php 3.0.2Php Php 4.4.4Php Php 5.0.0Php Php 4.1.0Php Php 5.1.6
805
VMScore
CVE-2012-1823
sapi/cgi/cgi_main.c in PHP prior to 5.3.12 and 5.4.x prior to 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote malicious users to execute arbitrary code by placing command-line...
Php PhpPhp Php 5.3.10Php Php 5.3.3Php Php 5.3.2Php Php 5.3.1Php Php 5.2.12Php Php 5.2.13Php Php 5.2.4Php Php 5.2.7Php Php 5.1.6Php Php 5.1.4Php Php 5.0.0Php Php 5.3.5Php Php 5.3.4Php Php 5.3.9Php Php 5.3.8Php Php 5.3.0Php Php 5.2.5Php Php 5.2.0Php Php 5.2.3Php Php 5.2.15Php Php 5.2.16
605
VMScore
CVE-2011-4718
Session fixation vulnerability in the Sessions subsystem in PHP prior to 5.5.2 allows remote malicious users to hijack web sessions by specifying a session ID.
Php Php 5.5.0Php Php 5.2.9Php Php 5.4.12Php Php 5.3.10Php Php 5.3.27Php Php 5.1.5Php Php 5.4.15Php Php 5.3.6Php Php 5.3.9Php Php 5.1.2Php Php 5.3.1Php Php 5.1.1Php Php 5.3.18Php Php 5.2.14Php Php 5.0.0Php Php 5.1.6Php Php 5.2.16Php Php 5.3.24Php Php 5.3.15Php Php 5.3.8Php Php 5.2.7Php Php 5.2.2
445
VMScore
CVE-2012-1171
The libxml RSHUTDOWN function in PHP 5.x allows remote malicious users to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
Php Php 5.0.2Php Php 5.0.3Php Php 5.0.4Php Php 5.0.5Php Php 5.1.0Php Php 5.2.14Php Php 5.2.15Php Php 5.2.16Php Php 5.2.17Php Php 5.3.13Php Php 5.3.14Php Php 5.3.15Php Php 5.3.16Php Php 5.3.4Php Php 5.3.5Php Php 5.3.6Php Php 5.3.7Php Php 5.4.14Php Php 5.4.15Php Php 5.4.16Php Php 5.4.17Php Php 5.4.9
890
VMScore
CVE-2012-2688
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP prior to 5.3.15 and 5.4.x prior to 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
Php PhpPhp Php 5.3.1Php Php 5.3.7Php Php 5.3.12Php Php 5.3.8Php Php 5.3.11Php Php 5.3.4Php Php 5.3.3Php Php 5.3.0Php Php 5.3.2Php Php 5.3.10Php Php 5.2.15Php Php 5.2.11Php Php 5.2.7Php Php 5.2.1Php Php 5.2.2Php Php 5.1.5Php Php 5.0.5Php Php 5.0.2Php Php 5.0.1Php Php 4.3.2Php Php 4.3.11
445
VMScore
CVE-2012-3365
The SQLite functionality in PHP prior to 5.3.15 allows remote malicious users to bypass the open_basedir protection mechanism via unspecified vectors.
Php Php 5.3.11Php Php 5.3.4Php Php 5.3.13Php Php 5.3.2Php Php 5.2.13Php Php 5.2.5Php Php 5.2.3Php Php 5.2.14Php Php 5.1.6Php Php 5.1.4Php Php 5.0.0Php Php 4.3.10Php Php 4.3.1Php Php 4.4.8Php Php 4.2.0Php Php 4.3.0Php Php 4.3.7Php Php 4.4.4Php Php 4.0Php Php 4.0.5Php Php 4.0.4Php Php 3.0.11
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook