Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5447
ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent malicious users to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_rea...
Php Php 5.2.4
Ioncube Php Encoder 6.5
1 EDB exploit
NA
CVE-2007-4889
The MySQL extension in PHP 5.2.4 and previous versions allows remote malicious users to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
Php Mysql Extension
Php Php
NA
CVE-2007-4887
The dl function in PHP 5.2.4 and previous versions allows context-dependent malicious users to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability.
Php Php
NA
CVE-2007-4840
PHP 5.2.4 and previous versions allows context-dependent malicious users to cause a denial of service (application crash) via (1) a long string in the out_charset parameter to the iconv function; or a long string in the charset parameter to the (2) iconv_mime_decode_headers, (3) ...
Php Php
NA
CVE-2007-4825
Directory traversal vulnerability in PHP 5.2.4 and previous versions allows malicious users to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function.
Php Php
NA
CVE-2007-4784
The setlocale function in PHP prior to 5.2.4 allows context-dependent malicious users to cause a denial of service (application crash) via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads,...
Php Php
NA
CVE-2007-4783
The iconv_substr function in PHP 5.2.4 and previous versions allows context-dependent malicious users to cause (1) a denial of service (application crash) via a long string in the charset parameter, probably also requiring a long string in the str parameter; or (2) a denial of se...
Php Php
NA
CVE-2007-4670
Unspecified vulnerability in PHP prior to 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.
Php Php
NA
CVE-2007-4662
Buffer overflow in the php_openssl_make_REQ function in PHP prior to 5.2.4 has unknown impact and attack vectors.
Php Php
NA
CVE-2007-4663
Directory traversal vulnerability in PHP prior to 5.2.4 allows malicious users to bypass open_basedir restrictions via unspecified vectors involving the glob function.
Php Php
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »