Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.9 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.6.1
Php Php 5.5.36
Php Php 5.5.0
Php Php 5.6.0
Php Php 5.5.34
Php Php 5.2.9
Php Php 5.4.12
Php Php 5.3.10
Php Php 7.0.11
Php Php 5.3.27
Php Php 5.1.5
Php Php 5.5.19
Php Php 7.0.4
Php Php 5.4.15
Php Php 5.6.12
Php Php 5.5.25
Php Php 5.3.6
Php Php 5.6.26
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.6.24
Php Php 5.4.44
NA
CVE-2012-1171
The libxml RSHUTDOWN function in PHP 5.x allows remote malicious users to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
Php Php 5.5.0
Php Php 5.2.9
Php Php 5.4.12
Php Php 5.3.10
Php Php 5.3.27
Php Php 5.1.5
Php Php 5.4.15
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.3.18
Php Php 5.4.19
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.5.1
Php Php 5.3.24
Php Php 5.3.15
Php Php 5.3.8
NA
CVE-2011-4718
Session fixation vulnerability in the Sessions subsystem in PHP prior to 5.5.2 allows remote malicious users to hijack web sessions by specifying a session ID.
Php Php 5.5.0
Php Php 5.2.9
Php Php 5.4.12
Php Php 5.3.10
Php Php 5.3.27
Php Php 5.1.5
Php Php 5.4.15
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.3.24
Php Php 5.3.15
Php Php 5.3.8
Php Php 5.2.7
Php Php 5.2.2
NA
CVE-2013-4635
Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP prior to 5.3.26 and 5.4.x prior to 5.4.16 allows context-dependent malicious users to cause a denial of service (application hang) via a large argument to the jdtojewish function.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
NA
CVE-2013-2110
Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP prior to 5.3.26 and 5.4.x prior to 5.4.16 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ar...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
NA
CVE-2013-1635
ext/soap/soap.c in PHP prior to 5.3.22 and 5.4.x prior to 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote malicious users to bypass intended access restrictions by triggering the creation of c...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
NA
CVE-2013-1643
The SOAP parser in PHP prior to 5.3.23 and 5.4.x prior to 5.4.13 allows remote malicious users to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the ...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
NA
CVE-2012-6113
The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 up to and including 5.3.13 does not initialize a certain variable, which allows remote malicious users to obtain sensitive information from process memory by providing zero bytes of input data.
Php Php 5.3.10
Php Php 5.3.9
Php Php 5.3.12
Php Php 5.3.11
Php Php 5.3.13
NA
CVE-2011-1398
The sapi_header_op function in main/SAPI.c in PHP prior to 5.3.11 and 5.4.x prior to 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote malicious users to bypass an HTTP response-splitting protection mechanism via a crafted URL, relate...
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.3.1
Php Php 5.3.8
Php Php
Php Php 5.3.0
Php Php 5.3.3
Php Php 5.3.7
Php Php 5.3.2
Php Php 5.3.4
Php Php 5.3.5
1 EDB exploit
NA
CVE-2012-3450
pdo_sql_parser.re in the PDO extension in PHP prior to 5.3.14 and 5.4.x prior to 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote malicious users to cause a denial of service (out-of-bounds read and applicati...
Php Php 5.3.10
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.3.1
Php Php 5.3.8
Php Php
Php Php 5.4.2
Php Php 5.3.12
Php Php 5.3.0
Php Php 5.3.3
Php Php 5.3.7
Php Php 5.3.11
Php Php 5.4.0
Php Php 5.3.2
Php Php 5.4.3
Php Php 5.3.4
Php Php 5.4.1
Php Php 5.3.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »