Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.1 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-1522
Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1 allows context-dependent malicious users to execute arbitrary code via illegal characters in a session identifier, which is rejected by an internal session storage module, which calls the session identifier...
Php Php 5.2.1
Php Php 5.2.0
1 EDB exploit
6.8
CVSSv2
CVE-2007-1886
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent malicious users to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow.&qu...
Php Php 5.2.1
Php Php 4.4.5
5
CVSSv2
CVE-2007-1900
CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent malicious users to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the...
Php Php 5.2.1
Php Php 5.2.0
4.3
CVSSv2
CVE-2007-1710
The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent malicious users to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a &qu...
Php Php 4.4.4
Php Php 5.1.6
Php Php 5.2.1
7.8
CVSSv2
CVE-2007-1649
PHP 5.2.1 allows context-dependent malicious users to read portions of heap memory by executing certain scripts with a serialized data input string beginning with S:, which does not properly track the number of input bytes being processed.
Php Php 5.2.1
1 EDB exploit
4.3
CVSSv2
CVE-2007-1709
Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP 5.2.1 allows context-dependent malicious users to execute arbitrary code via a long argument string.
Php Php 5.2.1
1 EDB exploit
7.8
CVSSv2
CVE-2007-0911
Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent malicious users to cause a denial of service (crash).
Php Php 5.2.1
1 EDB exploit
10
CVSSv2
CVE-2007-1399
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and previous versions, as bundled with PHP 5.2.0 and 5.2.1, allows remote malicious users to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP i...
Php Php 5.2.0
Php Php 5.2.1
Pecl Zip 1.8.3
1 EDB exploit
5
CVSSv2
CVE-2009-1271
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x prior to 5.2.9 allows remote malicious users to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function.
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.5
Php Php 5.2.7
Php Php 5.2.6
Php Php 5.2.0
Php Php 5.2.8
5
CVSSv2
CVE-2009-1272
The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x prior to 5.2.9 allows context-dependent malicious users to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction.
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.2
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.3
Php Php 5.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »