Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.8 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-1272
The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x prior to 5.2.9 allows context-dependent malicious users to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction.
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.2
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.3
Php Php 5.2.1
5
CVSSv2
CVE-2009-1271
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x prior to 5.2.9 allows remote malicious users to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function.
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.5
Php Php 5.2.7
Php Php 5.2.6
Php Php 5.2.0
Php Php 5.2.8
6.4
CVSSv2
CVE-2010-1128
The Linear Congruential Generator (LCG) in PHP prior to 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent malicious users to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniq...
Php Php 5.2.9
Php Php 5.2.8
Php Php 5.2.0
Php Php 5.2.11
Php Php 5.2.10
Php Php 5.2.1
Php Php 5.2.3
Php Php 5.2.2
Php Php
Php Php 5.2.5
Php Php 5.2.4
Php Php 5.2.7
Php Php 5.2.6
1 EDB exploit
7.5
CVSSv2
CVE-2010-1129
The safe_mode implementation in PHP prior to 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent malicious users to bypass intended access restrictions via vectors related to use of the tempnam function.
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.12
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.10
Php Php 5.2.11
5
CVSSv2
CVE-2010-2484
The strrchr function in PHP 5.2 prior to 5.2.14 allows context-dependent malicious users to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler.
Php Php 5.2.11
Php Php 5.2.5
Php Php 5.2.2
Php Php 5.2.9
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.2.13
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.3
Php Php 5.2.1
5
CVSSv2
CVE-2010-2093
Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 prior to 5.2.13 and 5.3 prior to 5.3.2 allows context-dependent malicious users to cause a denial of service (crash) via a stream context structure that is freed before destruction occurs.
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.3.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.3.1
5
CVSSv2
CVE-2008-5498
Array index error in the imageRotate function in PHP 5.2.8 and previous versions allows context-dependent malicious users to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.0
Php Php 5.0.2
Php Php 5.0.1
Php Php 5.0.0
Php Php 5.2.6
Php Php 5.2.5
Php Php 5.1.6
Php Php 5.2.0
Php Php 5.0.4
Php Php 5.0.3
Php Php
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.5
Php Php 5
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.2.3
1 EDB exploit
6.4
CVSSv2
CVE-2010-1861
The sysvshm extension for PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allows context-dependent malicious users to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, whi...
Php Php 5.2.0
Php Php 5.2.8
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.10
Php Php 5.2.1
Php Php 5.2.6
Php Php 5.2.9
Php Php 5.3.0
Php Php 5.3.2
Php Php 5.3.1
5
CVSSv2
CVE-2010-1862
The chunk_split function in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allows context-dependent malicious users to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass b...
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.3.2
5
CVSSv2
CVE-2010-1864
The addcslashes function in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allows context-dependent malicious users to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass b...
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.3.2
Php Php 5.3.0
Php Php 5.3.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »