Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.2 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-32693
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and before 5.3.2. When an application defines multiple firewalls, the token authenticated...
Sensiolabs Symfony
8.8
CVSSv3
CVE-2020-13443
ExpressionEngine prior to 5.3.2 allows remote malicious users to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type chec...
Expressionengine Expressionengine
7.5
CVSSv3
CVE-2017-11142
In PHP prior to 5.6.31, 7.x prior to 7.0.17, and 7.1.x prior to 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.
Php Php 7.0.0
Php Php 7.0.1
Php Php 7.0.8
Php Php 7.0.9
Php Php 7.1.0
Php Php 7.1.1
Php Php 7.0.4
Php Php 7.0.5
Php Php 7.0.12
Php Php 7.0.13
Php Php
Php Php 7.0.6
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.15
Php Php 7.0.16
Php Php 7.0.2
Php Php 7.0.3
Php Php 7.0.10
Php Php 7.0.11
Php Php 7.1.2
7.5
CVSSv3
CVE-2017-11144
In PHP prior to 5.6.31, 7.x prior to 7.0.21, and 7.1.x prior to 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative n...
Php Php 7.1.0
Php Php 7.1.6
Php Php 7.0.11
Php Php 7.0.4
Php Php 7.1.3
Php Php 7.1.5
Php Php 7.0.19
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.1.2
Php Php 7.0.12
Php Php 7.0.13
Php Php 7.0.16
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.20
Php Php 7.0.15
Php Php
Php Php 7.0.18
Php Php 7.0.2
Php Php 7.0.9
Php Php 7.0.8
NA
CVE-2017-11146
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not an independently fixable security issue relative to CVE-2017-11145. Notes: none
9.1
CVSSv3
CVE-2017-11147
In PHP prior to 5.6.30 and 7.x prior to 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.
Php Php
Netapp Clustered Data Ontap -
7.5
CVSSv3
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.3.11
Php Php 5.3.12
Php Php 5.3.2
Php Php 5.3.20
Php Php 5.3.27
Php Php 5.3.28
Php Php 5.3.9
Php Php 5.4.0
Php Php 5.4.13
Php Php 5.4.14
Php Php 5.4.19
Php Php 5.4.2
Php Php 5.4.26
9.8
CVSSv3
CVE-2016-8580
PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM prior to 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.
Alienvault Unified Security Management
Alienvault Open Source Security Information And Event Management
2 EDB exploits
NA
CVE-2012-1171
The libxml RSHUTDOWN function in PHP 5.x allows remote malicious users to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.0
Php Php 5.2.14
Php Php 5.2.15
Php Php 5.2.16
Php Php 5.2.17
Php Php 5.3.13
Php Php 5.3.14
Php Php 5.3.15
Php Php 5.3.16
Php Php 5.3.4
Php Php 5.3.5
Php Php 5.3.6
Php Php 5.3.7
Php Php 5.4.14
Php Php 5.4.15
Php Php 5.4.16
Php Php 5.4.17
Php Php 5.4.9
NA
CVE-2011-4718
Session fixation vulnerability in the Sessions subsystem in PHP prior to 5.5.2 allows remote malicious users to hijack web sessions by specifying a session ID.
Php Php 5.5.0
Php Php 5.2.9
Php Php 5.4.12
Php Php 5.3.10
Php Php 5.3.27
Php Php 5.1.5
Php Php 5.4.15
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.3.24
Php Php 5.3.15
Php Php 5.3.8
Php Php 5.2.7
Php Php 5.2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »