Vulmon
php php 5.3.1 vulnerabilities and exploits
5
CVSSv2
CVE-2009-3294
The popen API function in TSRM/tsrm_win32.c in PHP prior to 5.2.11 and 5.3.x prior to 5.3.1, when running on certain Windows operating systems, allows context-dependent malicious users to cause a denial of service (crash) via a crafted (1) "e" or (2) "er" stri...
Php Php
7.5
CVSSv2
CVE-2009-3559
main/streams/plain_wrapper.c in PHP 5.3.x prior to 5.3.1 does not recognize the safe_mode_include_dir directive, which allows context-dependent malicious users to have an unknown impact by triggering the failure of PHP scripts that perform include or require operations, as demons...
Php Php 5.3.0
9.3
CVSSv2
CVE-2009-3546
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x prior to 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote malicious users to conduct buffer overflow or buffer over-read attacks via a cra...
Libgd Gd Graphics Library 2.0.34
Libgd Gd Graphics Library 2.0.33
Libgd Gd Graphics Library 2.0.35
Libgd Gd Graphics Library 2.0.36
Php Php 5.2.11
Php Php 5.3.0
4.3
CVSSv2
CVE-2010-3489
Cross-site scripting (XSS) vulnerability in netautor/napro4/home/login2.php in CMS Digital Workroom (formerly Netautor Professional) 5.5.0 allows remote malicious users to inject arbitrary web script or HTML via the goback parameter.
Digitalworkroom Cms Digital Workroom 5.3.1
Digitalworkroom Cms Digital Workroom 5.5.0
1 EDB exploit
5
CVSSv2
CVE-2011-3720
conceptcms 5.3.1, 5.3.3, and possibly other versions allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by sys_libs/umlib/um_authserver.inc.php and certain oth...
Conceptcms Conceptcms 5.3.1
7.5
CVSSv2
CVE-2007-0455
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and previous versions allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
Gd Graphics Library Project Gd Graphics Library
Php Php
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 13
Fedoraproject Fedora 14
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
7.5
CVSSv2
CVE-2016-8580
PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM prior to 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.
Alienvault Unified Security Management
Alienvault Open Source Security Information And Event Management
2 EDB exploits
7.5
CVSSv2
CVE-2005-4227
Multiple "potential" SQL injection vulnerabilities in DCP-Portal 6.1.1 might allow remote malicious users to execute arbitrary SQL commands via (1) the password and username parameters in advertiser.php, (2) the aid parameter in announcement.php, (3) the dcp5_member_id,...
Codeworx Technologies Dcp-portal 4.0
Codeworx Technologies Dcp-portal 4.1
Codeworx Technologies Dcp-portal 5.3
Codeworx Technologies Dcp-portal 5.3.1
Codeworx Technologies Dcp-portal 4.2
Codeworx Technologies Dcp-portal 4.5.1
Codeworx Technologies Dcp-portal 5.3.2
Codeworx Technologies Dcp-portal 6.0
Codeworx Technologies Dcp-portal 3.7
Codeworx Technologies Dcp-portal 5.1
Codeworx Technologies Dcp-portal 5.2
Codeworx Technologies Dcp-portal 5.0.1
Codeworx Technologies Dcp-portal 5.0.2
Codeworx Technologies Dcp-portal 6.1
Codeworx Technologies Dcp-portal 6.1.1
4.3
CVSSv2
CVE-2007-2756
The gdPngReadData function in libgd 2.0.34 allows user-assisted malicious users to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
Libgd Libgd 2.0.34
4.3
CVSSv2
CVE-2007-3472
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) prior to 2.0.35 allows user-assisted remote malicious users to have unspecified attack vectors and impact.
Libgd Gd Graphics Library 2.0.33
Libgd Gd Graphics Library 2.0.34
Libgd Gd Graphics Library 2.0.35
Libgd Gd Graphics Library