Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.1.4 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-2844
PHP 4.x and 5.x prior to 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote malicious users to overwrite internal program memory and g...
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.0
Php Php 4.1.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 5.0.0
Php Php 5.0.1
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
9.3
CVSSv2
CVE-2007-1581
The resource system in PHP 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resou...
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.2.2
Php Php 5.2.3
1 EDB exploit
9.3
CVSSv2
CVE-2006-1017
The c-client library 2000, 2001, or 2004 for PHP prior to 4.4.4 and 5.x prior to 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote ma...
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.18
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.3
Php Php 5.1.4
Php Php 3.0.13
Php Php 3.0.14
7.8
CVSSv2
CVE-2007-1883
PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via t...
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.6
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
7.8
CVSSv2
CVE-2007-1718
CRLF injection vulnerability in the mail function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows remote malicious users to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.3
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.3
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
1 EDB exploit
7.8
CVSSv2
CVE-2007-1461
The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP prior to 4.4.7, and 5.x prior to 5.2.2, does not implement safemode or open_basedir checks, which allows remote malicious users to read bzip2 archives located outside of the intended directories.
Php Php 5.0.5
Php Php 5.1.1
Php Php 5.1.6
Php Php 5.2.1
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.4
Php Php 5.1.0
Php Php 5.2.0
Php Php
Php Php 4.3.4
Php Php 4.3.6
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.4.3
Php Php 4.0
7.5
CVSSv2
CVE-2015-7808
The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 up to and including 5.1.9 allows remote malicious users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in the arguments parameter to ajax/api/hook/decodeAr...
Vbulletin Vbulletin 5.0.3
Vbulletin Vbulletin 5.0.4
Vbulletin Vbulletin 5.0.5
Vbulletin Vbulletin 5.1.0
Vbulletin Vbulletin 5.1.9
Vbulletin Vbulletin 5.0.0
Vbulletin Vbulletin 5.0.2
Vbulletin Vbulletin 5.1.2
Vbulletin Vbulletin 5.1.5
Vbulletin Vbulletin 5.1.7
Vbulletin Vbulletin 5.1.3
Vbulletin Vbulletin 5.1.4
Vbulletin Vbulletin 5.0.1
Vbulletin Vbulletin 5.1.1
Vbulletin Vbulletin 5.1.6
Vbulletin Vbulletin 5.1.8
2 EDB exploits
4 Github repositories
7.5
CVSSv2
CVE-2013-1635
ext/soap/soap.c in PHP prior to 5.3.22 and 5.4.x prior to 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote malicious users to bypass intended access restrictions by triggering the creation of c...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
7.5
CVSSv2
CVE-2012-1823
sapi/cgi/cgi_main.c in PHP prior to 5.3.12 and 5.4.x prior to 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote malicious users to execute arbitrary code by placing command-line...
Php Php
Php Php 5.3.10
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.3.1
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.4
Php Php 5.2.7
Php Php 5.1.6
Php Php 5.1.4
Php Php 5.0.0
Php Php 5.3.5
Php Php 5.3.4
Php Php 5.3.9
Php Php 5.3.8
Php Php 5.3.0
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.3
Php Php 5.2.15
Php Php 5.2.16
4 EDB exploits
2 Nmap scripts
17 Github repositories
1 Article
7.5
CVSSv2
CVE-2012-2311
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote malicious users to execute arbitrary code b...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »