Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.1 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-1581
The resource system in PHP 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resou...
Php Php 5.2.9
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.1.6
Php Php 5.0
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.2.5
Php Php 5.0.4
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.3.0
Php Php 5.2.3
Php Php 5.0.3
Php Php 5.1.0
Php Php 5.2.13
1 EDB exploit
7.8
CVSSv2
CVE-2007-1883
PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via t...
Php Php 4.3.9
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
7.8
CVSSv2
CVE-2007-1718
CRLF injection vulnerability in the mail function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows remote malicious users to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of...
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
1 EDB exploit
7.8
CVSSv2
CVE-2007-1649
PHP 5.2.1 allows context-dependent malicious users to read portions of heap memory by executing certain scripts with a serialized data input string beginning with S:, which does not properly track the number of input bytes being processed.
Php Php 5.2.1
1 EDB exploit
7.8
CVSSv2
CVE-2007-1461
The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP prior to 4.4.7, and 5.x prior to 5.2.2, does not implement safemode or open_basedir checks, which allows remote malicious users to read bzip2 archives located outside of the intended directories.
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.1.6
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.1.3
Php Php 5.0.2
Php Php 5.2.1
Php Php 5.0.0
Php Php 4.3.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 3.0.1
7.8
CVSSv2
CVE-2007-0911
Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent malicious users to cause a denial of service (crash).
Php Php 5.2.1
1 EDB exploit
7.5
CVSSv2
CVE-2013-1635
ext/soap/soap.c in PHP prior to 5.3.22 and 5.4.x prior to 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote malicious users to bypass intended access restrictions by triggering the creation of c...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
7.5
CVSSv2
CVE-2012-2311
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote malicious users to execute arbitrary code b...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
2 Github repositories
7.5
CVSSv2
CVE-2012-1823
sapi/cgi/cgi_main.c in PHP prior to 5.3.12 and 5.4.x prior to 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote malicious users to execute arbitrary code by placing command-line...
Php Php 5.2.9
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.3.8
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.2.5
Php Php 5.0.4
Php Php 5.2.12
Php Php 5.2.11
4 EDB exploits
2 Nmap scripts
17 Github repositories
2 Articles
7.5
CVSSv2
CVE-2011-1153
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and previous versions allow context-dependent malicious users to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitra...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »