Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 7.0.2 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2016-4071
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP prior to 5.5.34, 5.6.x prior to 5.6.20, and 7.x prior to 7.0.5 allows remote malicious users to execute arbitrary code via format string specifiers in an SNMP::get call.
Php Php 5.6.1
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.6.12
Php Php 5.6.13
Php Php 5.6.4
Php Php 5.6.6
Php Php 5.6.18
Php Php 5.6.11
Php Php 5.6.2
Php Php 5.6.10
Php Php 5.6.7
Php Php 5.6.15
Php Php 5.6.17
Php Php 5.6.16
Php Php 5.6.9
Php Php 5.6.3
Php Php 5.6.8
Php Php 5.6.14
Php Php 5.6.19
Apple Mac Os X
Php Php 5.5.0
1 EDB exploit
694
VMScore
CVE-2017-11142
In PHP prior to 5.6.31, 7.x prior to 7.0.17, and 7.1.x prior to 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.
Php Php 7.0.0
Php Php 7.0.1
Php Php 7.0.8
Php Php 7.0.9
Php Php 7.1.0
Php Php 7.1.1
Php Php 7.0.4
Php Php 7.0.5
Php Php 7.0.12
Php Php 7.0.13
Php Php
Php Php 7.0.6
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.15
Php Php 7.0.16
Php Php 7.0.2
Php Php 7.0.3
Php Php 7.0.10
Php Php 7.0.11
Php Php 7.1.2
694
VMScore
CVE-2015-4717
The filename sanitization component in ownCloud Server prior to 6.0.8, 7.0.x prior to 7.0.6, and 8.0.x prior to 8.0.4 does not properly handle $_GET parameters cast by PHP to an array, which allows remote malicious users to cause a denial of service (infinite loop and log file co...
Owncloud Owncloud 7.0.1
Owncloud Owncloud 7.0.3
Owncloud Owncloud 7.0.5
Owncloud Owncloud 8.0.0
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.0.3
Owncloud Owncloud 7.0.2
Owncloud Owncloud 7.0.4
Owncloud Owncloud
Owncloud Owncloud 7.0.0
668
VMScore
CVE-2016-7479
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.
Php Php 7.1.0
Php Php 7.0.0
Php Php 7.0.3
Php Php 7.0.4
Php Php 7.0.1
Php Php 7.0.10
Php Php 7.0.5
Php Php 7.0.6
Php Php 7.0.11
Php Php 7.0.12
Php Php 7.0.7
Php Php 7.0.8
Php Php 7.0.14
Php Php 7.0.2
Php Php 7.0.9
668
VMScore
CVE-2016-5093
The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP prior to 5.5.36, 5.6.x prior to 5.6.22, and 7.x prior to 7.0.7 does not ensure the presence of a '\0' character, which allows remote malicious users to cause a denial of service (out-of-bound...
Php Php 5.6.2
Php Php 5.6.19
Php Php 7.0.6
Php Php 5.6.18
Php Php 5.6.6
Php Php 5.6.7
Php Php 5.6.0
Php Php 5.6.1
Php Php 7.0.0
Php Php 7.0.1
Php Php 5.6.17
Php Php 5.6.16
Php Php 5.6.15
Php Php 5.6.8
Php Php 5.6.9
Php Php
Php Php 7.0.2
Php Php 7.0.3
Php Php 5.6.14
Php Php 5.6.3
Php Php 5.6.13
Php Php 5.6.12
668
VMScore
CVE-2016-3132
Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x prior to 7.0.6 allows remote malicious users to execute arbitrary code via a crafted index.
Php Php 7.0.5
Php Php 7.0.0
Php Php 7.0.1
Php Php 7.0.2
Php Php 7.0.3
Php Php 7.0.4
668
VMScore
CVE-2016-1904
Multiple integer overflows in ext/standard/exec.c in PHP 7.x prior to 7.0.2 allow remote malicious users to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a hea...
Php Php 7.0.1
Php Php 7.0.0
610
VMScore
CVE-2008-1918
SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magic_quotes_gpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submit_info[] parameter in a link submission action....
Php-fusion Php-fusion 6.01.14
Php-fusion Php-fusion 6.00.307
2 EDB exploits
605
VMScore
CVE-2017-11628
In PHP prior to 5.6.31, 7.x prior to 7.0.21, and 7.1.x prior to 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications th...
Php Php
Php Php 7.0.11
Php Php 7.0.4
Php Php 7.0.19
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.0.12
Php Php 7.0.13
Php Php 7.0.16
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.20
Php Php 7.0.15
Php Php 7.0.18
Php Php 7.0.2
Php Php 7.0.9
Php Php 7.0.8
Php Php 7.0.17
Php Php 7.0.5
Php Php 7.0.10
Php Php 7.0.0
Php Php 7.0.6
570
VMScore
CVE-2016-3185
The make_http_soap_request function in ext/soap/php_http.c in PHP prior to 5.4.44, 5.5.x prior to 5.5.28, 5.6.x prior to 5.6.12, and 7.x prior to 7.0.4 allows remote malicious users to obtain sensitive information from process memory or cause a denial of service (type confusion a...
Php Php 5.6.1
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.6.4
Php Php 5.6.6
Php Php 5.6.11
Php Php 5.6.2
Php Php 5.6.10
Php Php 5.6.7
Php Php 5.6.9
Php Php 5.6.3
Php Php 5.6.8
Php Php
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.0.2
Php Php 7.0.0
Php Php 5.5.0
Php Php 5.5.19
Php Php 5.5.25
Php Php 5.5.16
Php Php 5.5.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »