Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.0 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2006-1017
The c-client library 2000, 2001, or 2004 for PHP prior to 4.4.4 and 5.x prior to 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote ma...
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.18
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.3
Php Php 5.1.4
Php Php 3.0.13
Php Php 3.0.14
7.8
CVSSv2
CVE-2011-3336
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
Php Php
Apple Mac Os X
Freebsd Freebsd 8.2
Openbsd Openbsd 5.0
1 EDB exploit
7.8
CVSSv2
CVE-2016-1351
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 up to and including 6.2 allows remote malicious users to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279.
Cisco Nx-os 6.2\\(2a\\)
Cisco Nx-os 6.1\\(3\\)
Cisco Nx-os 5.1\\(6\\)
Cisco Nx-os 5.2\\(1\\)
Cisco Nx-os 6.2\\(12\\)
Cisco Nx-os 5.1\\(4\\)
Cisco Nx-os 6.2\\(6b\\)
Cisco Nx-os 5.1\\(5\\)
Cisco Ios 15.2\\(1\\)sy
Cisco Nx-os 6.0\\(3\\)
Cisco Ios 15.1\\(2\\)sy3
Cisco Ios 15.1\\(1\\)sy4
Cisco Ios 15.1\\(2\\)sy
Cisco Nx-os 4.2\\(8\\)
Cisco Ios 15.1\\(2\\)sy1
Cisco Nx-os 6.0\\(2\\)
Cisco Nx-os 4.2\\(3\\)
Cisco Nx-os 5.1\\(3\\)
Cisco Nx-os 6.1\\(4\\)
Cisco Nx-os 5.2\\(3a\\)
Cisco Nx-os 6.2\\(8b\\)
Cisco Nx-os 5.2\\(7\\)
7.8
CVSSv2
CVE-2007-1883
PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via t...
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.6
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
7.8
CVSSv2
CVE-2007-1718
CRLF injection vulnerability in the mail function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows remote malicious users to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.3
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.3
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
1 EDB exploit
7.5
CVSSv2
CVE-2015-8980
The plural form formula in ngettext family of calls in php-gettext prior to 1.0.12 allows remote malicious users to execute arbitrary code.
Php-gettext Project Php-gettext
Opensuse Leap 42.2
Opensuse Leap 42.1
Redhat Enterprise Linux 5.0
Fedoraproject Fedora 24
7.5
CVSSv2
CVE-2019-14746
A issue exists in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.
Kuaifan Kuaifancms 5.0
7.5
CVSSv2
CVE-2018-20148
In WordPress prior to 4.9.9 and 5.x prior to 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-i...
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
2 Github repositories
7.5
CVSSv2
CVE-2014-2044
Incomplete blacklist vulnerability in ajax/upload.php in ownCloud prior to 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream (ADS) synt...
Owncloud Owncloud 4.5.7
Owncloud Owncloud 4.5.6
Owncloud Owncloud 4.5.5
Owncloud Owncloud 4.5.10
Owncloud Owncloud 4.5.1
Owncloud Owncloud 4.0.4
Owncloud Owncloud 4.0.3
Owncloud Owncloud 4.0.10
Owncloud Owncloud 4.0.1
Owncloud Owncloud 4.5.4
Owncloud Owncloud 4.5.3
Owncloud Owncloud 4.5.0
Owncloud Owncloud 4.0.9
Owncloud Owncloud 4.0.2
Owncloud Owncloud 4.0.16
Owncloud Owncloud 4.0.0
Owncloud Owncloud 3.0.3
Owncloud Owncloud 4.5.2
Owncloud Owncloud
Owncloud Owncloud 4.0.8
Owncloud Owncloud 4.0.7
Owncloud Owncloud 4.0.15
1 EDB exploit
7.5
CVSSv2
CVE-2013-1349
Eval injection vulnerability in ajax.php in openSIS 4.5 up to and including 5.2 allows remote malicious users to execute arbitrary PHP code via the modname parameter.
Os4ed Opensis 4.6
Os4ed Opensis 4.5
Os4ed Opensis 4.8.1
Os4ed Opensis 4.7
Os4ed Opensis 5.2
Os4ed Opensis 5.1
Os4ed Opensis 5.0
Os4ed Opensis 4.9
Os4ed Opensis 4.8
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »