Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2007-1900
CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent malicious users to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the...
Php Php 5.2.1
Php Php 5.2.0
685
VMScore
CVE-2007-1522
Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1 allows context-dependent malicious users to execute arbitrary code via illegal characters in a session identifier, which is rejected by an internal session storage module, which calls the session identifier...
Php Php 5.2.1
Php Php 5.2.0
1 EDB exploit
465
VMScore
CVE-2006-6383
PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed...
Php Php 5.2.0
Php Php 4.4.0
1 EDB exploit
755
VMScore
CVE-2007-1453
Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent malicious users to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null ...
Php Php 5.2.0
1 EDB exploit
383
VMScore
CVE-2007-1454
ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain wh...
Php Php 5.2.0
690
VMScore
CVE-2007-1584
Buffer underflow in the header function in PHP 5.2.0 allows context-dependent malicious users to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\0' characters in whitespace that precedes the string.
Php Php 5.2.0
2 EDB exploits
668
VMScore
CVE-2007-1889
Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote malicious users to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and ...
Php Php 5.2.0
1000
VMScore
CVE-2007-0448
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent malicious users to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI.
Php Php 5.2.0
1 EDB exploit
1000
VMScore
CVE-2007-1399
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and previous versions, as bundled with PHP 5.2.0 and 5.2.1, allows remote malicious users to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP i...
Php Php 5.2.0
Php Php 5.2.1
Pecl Zip 1.8.3
1 EDB exploit
445
VMScore
CVE-2009-1271
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x prior to 5.2.9 allows remote malicious users to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function.
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.5
Php Php 5.2.7
Php Php 5.2.6
Php Php 5.2.0
Php Php 5.2.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »