Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.4.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2013-3591
vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability
Vtiger Vtiger Crm 5.3.0
Vtiger Vtiger Crm 5.4.0
1 EDB exploit
9.8
CVSSv3
CVE-2013-3214
vtiger CRM 5.4.0 and previous versions contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'.
Vtiger Vtiger Crm
2 EDB exploits
1 Github repository
7.5
CVSSv3
CVE-2017-11144
In PHP prior to 5.6.31, 7.x prior to 7.0.21, and 7.1.x prior to 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative n...
Php Php 7.1.0
Php Php 7.1.6
Php Php 7.0.11
Php Php 7.0.4
Php Php 7.1.3
Php Php 7.1.5
Php Php 7.0.19
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.1.2
Php Php 7.0.12
Php Php 7.0.13
Php Php 7.0.16
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.20
Php Php 7.0.15
Php Php
Php Php 7.0.18
Php Php 7.0.2
Php Php 7.0.9
Php Php 7.0.8
NA
CVE-2017-11146
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not an independently fixable security issue relative to CVE-2017-11145. Notes: none
9.1
CVSSv3
CVE-2017-11147
In PHP prior to 5.6.30 and 7.x prior to 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.
Php Php
Netapp Clustered Data Ontap -
7.5
CVSSv3
CVE-2017-11142
In PHP prior to 5.6.31, 7.x prior to 7.0.17, and 7.1.x prior to 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.
Php Php 7.1.0
Php Php 7.0.11
Php Php 7.0.4
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.1.2
Php Php 7.0.12
Php Php 7.0.13
Php Php 7.0.16
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.15
Php Php
Php Php 7.0.2
Php Php 7.0.9
Php Php 7.0.8
Php Php 7.0.5
Php Php 7.0.10
Php Php 7.0.0
Php Php 7.0.6
Php Php 7.1.1
7.5
CVSSv3
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.6.1
Php Php 5.5.36
Php Php 5.5.0
Php Php 5.6.0
Php Php 5.5.34
Php Php 5.2.9
Php Php 5.4.12
Php Php 5.3.10
Php Php 7.0.11
Php Php 5.3.27
Php Php 5.1.5
Php Php 5.5.19
Php Php 7.0.4
Php Php 5.4.15
Php Php 5.6.12
Php Php 5.5.25
Php Php 5.3.6
Php Php 5.6.26
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.6.24
Php Php 5.4.44
NA
CVE-2014-2268
views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote malicious users to re-install the application via a request that sets the X-Requested-With HTTP header, as demonstrated by executing arbitrary PHP co...
Vtiger Vtiger Crm 5.0.3
Vtiger Vtiger Crm 5.0.1
Vtiger Vtiger Crm 5.3.0
Vtiger Vtiger Crm 5.1.0
Vtiger Vtiger Crm 5.2.0
Vtiger Vtiger Crm 2.0.1
Vtiger Vtiger Crm 2.0
Vtiger Vtiger Crm 4.2
Vtiger Vtiger Crm 5.0.4
Vtiger Vtiger Crm 6.0.0
Vtiger Vtiger Crm 5.4.0
Vtiger Vtiger Crm 2.1
Vtiger Vtiger Crm 4
Vtiger Vtiger Crm 4.0
Vtiger Vtiger Crm 3.0
Vtiger Vtiger Crm 5.0.0
Vtiger Vtiger Crm 5.0.2
Vtiger Vtiger Crm 3.2
Vtiger Vtiger Crm 1.0
Vtiger Vtiger Crm 4.2.4
Vtiger Vtiger Crm 5.2.1
Vtiger Vtiger Crm 4.0.1
1 EDB exploit
NA
CVE-2014-5120
gd_ctx.c in the GD component in PHP 5.4.x prior to 5.4.32 and 5.5.x prior to 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote malicious users to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd...
Php Php 5.5.0
Php Php 5.4.12
Php Php 5.4.15
Php Php 5.4.19
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.4.14
Php Php 5.4.8
Php Php 5.5.14
Php Php 5.4.17
Php Php 5.5.7
Php Php 5.4.22
Php Php 5.4.9
Php Php 5.4.11
Php Php 5.5.12
Php Php 5.4.10
Php Php 5.5.6
Php Php 5.4.2
Php Php 5.5.3
Php Php 5.4.27
Php Php 5.5.8
Php Php 5.4.16
NA
CVE-2014-3597
Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP prior to 5.4.32 and 5.5.x prior to 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_g...
Php Php 5.5.0
Php Php 5.4.12
Php Php 5.4.15
Php Php
Php Php 5.4.19
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.4.14
Php Php 5.4.8
Php Php 5.5.14
Php Php 5.4.17
Php Php 5.5.7
Php Php 5.4.22
Php Php 5.4.9
Php Php 5.4.11
Php Php 5.5.12
Php Php 5.4.10
Php Php 5.5.6
Php Php 5.4.2
Php Php 5.5.3
Php Php 5.4.27
Php Php 5.5.8
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »