Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.4 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-1643
The SOAP parser in PHP prior to 5.3.23 and 5.4.x prior to 5.4.13 allows remote malicious users to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the ...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
5
CVSSv2
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.3.11
Php Php 5.3.12
Php Php 5.3.2
Php Php 5.3.20
Php Php 5.3.27
Php Php 5.3.28
Php Php 5.3.9
Php Php 5.4.0
Php Php 5.4.13
Php Php 5.4.14
Php Php 5.4.19
Php Php 5.4.2
Php Php 5.4.26
6.8
CVSSv2
CVE-2007-4889
The MySQL extension in PHP 5.2.4 and previous versions allows remote malicious users to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
Php Mysql Extension
Php Php
7.5
CVSSv2
CVE-2007-4663
Directory traversal vulnerability in PHP prior to 5.2.4 allows malicious users to bypass open_basedir restrictions via unspecified vectors involving the glob function.
Php Php
7.5
CVSSv2
CVE-2007-4825
Directory traversal vulnerability in PHP 5.2.4 and previous versions allows malicious users to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function.
Php Php
4.3
CVSSv2
CVE-2007-4887
The dl function in PHP 5.2.4 and previous versions allows context-dependent malicious users to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability.
Php Php
7.5
CVSSv2
CVE-2007-3997
The (1) MySQL and (2) MySQLi extensions in PHP 4 prior to 4.4.8, and PHP 5 prior to 5.2.4, allow remote malicious users to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
Php Php
1 EDB exploit
7.5
CVSSv2
CVE-2008-6043
Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow remote malicious users to execute arbitrary SQL commands via the (1) order_field and (2) order_type parameters to categories.php and unspecified other components. NOTE: some of these details are obtained from ...
Phpprobid Php Pro Bid 6.04
1 EDB exploit
5
CVSSv2
CVE-2007-4784
The setlocale function in PHP prior to 5.2.4 allows context-dependent malicious users to cause a denial of service (application crash) via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads,...
Php Php
5
CVSSv2
CVE-2007-4670
Unspecified vulnerability in PHP prior to 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.
Php Php
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »