Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.3 vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2012-2376
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and previous versions on Windows allows remote malicious users to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.
Php Php 5.4.2
Php Php 5.4.1
Php Php 5.3.2
Php Php 5.2.8
Php Php 5.2.6
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.3.6
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.3.3
Php Php 5.2.7
Php Php 5.2.14
Php Php 4.3.10
Php Php 4.2.1
Php Php 4.2.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.9
Php Php 4.3.0
Php Php 4.0.6
1 EDB exploit
890
VMScore
CVE-2012-2688
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP prior to 5.3.15 and 5.4.x prior to 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
Php Php
Php Php 5.3.1
Php Php 5.3.7
Php Php 5.3.12
Php Php 5.3.8
Php Php 5.3.11
Php Php 5.3.4
Php Php 5.3.3
Php Php 5.3.0
Php Php 5.3.2
Php Php 5.3.10
Php Php 5.2.15
Php Php 5.2.11
Php Php 5.2.7
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.5
Php Php 5.0.5
Php Php 5.0.2
Php Php 5.0.1
Php Php 4.3.2
Php Php 4.3.11
890
VMScore
CVE-2011-3268
Buffer overflow in the crypt function in PHP prior to 5.3.7 allows context-dependent malicious users to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483.
Php Php 4.3.11
Php Php 4.3.4
Php Php 4.2.2
Php Php 4.3.10
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.2.0
Php Php 4.2.3
Php Php 4.3.7
Php Php 5.2.11
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.1
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.2.10
Php Php 5.2.4
Php Php 3.0.1
Php Php 3.0
805
VMScore
CVE-2012-1823
sapi/cgi/cgi_main.c in PHP prior to 5.3.12 and 5.4.x prior to 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote malicious users to execute arbitrary code by placing command-line...
Php Php
Php Php 5.3.10
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.3.1
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.4
Php Php 5.2.7
Php Php 5.1.6
Php Php 5.1.4
Php Php 5.0.0
Php Php 5.3.5
Php Php 5.3.4
Php Php 5.3.9
Php Php 5.3.8
Php Php 5.3.0
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.3
Php Php 5.2.15
Php Php 5.2.16
4 EDB exploits
2 Nmap scripts
17 Github repositories
1 Article
771
VMScore
CVE-2012-2311
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote malicious users to execute arbitrary code b...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
2 Github repositories
760
VMScore
CVE-2011-1938
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 up to and including 5.3.6 might allow context-dependent malicious users to execute arbitrary code via a long pathname for a UNIX socket.
Php Php 5.3.4
Php Php 5.3.5
Php Php 5.3.3
Php Php 5.3.6
2 EDB exploits
755
VMScore
CVE-2012-2386
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP prior to 5.3.14 and 5.4.x prior to 5.4.4 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that trigger...
Php Php
1 EDB exploit
755
VMScore
CVE-2011-1092
Integer overflow in ext/shmop/shmop.c in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.0
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.1
Php Php 3.0
Php Php 3.0.17
1 EDB exploit
685
VMScore
CVE-2010-3870
The utf8_decode function in PHP prior to 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote malicious users to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a ...
Php Php
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
1 EDB exploit
668
VMScore
CVE-2013-1635
ext/soap/soap.c in PHP prior to 5.3.22 and 5.4.x prior to 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote malicious users to bypass intended access restrictions by triggering the creation of c...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »