Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.11 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2013-1635
ext/soap/soap.c in PHP prior to 5.3.22 and 5.4.x prior to 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote malicious users to bypass intended access restrictions by triggering the creation of c...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
668
VMScore
CVE-2011-1153
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and previous versions allow context-dependent malicious users to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitra...
Php Php 4.3.3
Php Php 4.3.6
Php Php 4.4.7
Php Php 5.0.0
Php Php 5.2.8
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.2.9
Php Php 5.0.3
Php Php 5.1.6
Php Php 5.2.0
Php Php 2.0
Php Php 4.4.8
Php Php 3.0.10
Php Php 3.0.13
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.8
Php Php 3.0.5
Php Php 4.0.6
Php Php 4.0.5
Php Php 5.2.14
668
VMScore
CVE-2010-2225
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x up to and including 5.3.2 allows remote malicious users to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.3.0
668
VMScore
CVE-2010-1868
The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to execute arbitrary code by calling these functions with an empty SQL query, wh...
Php Php 5.2.5
Php Php 5.2.8
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.2.4
Php Php 5.2.6
Php Php 5.3.0
Php Php 5.3.2
Php Php 5.3.1
668
VMScore
CVE-2010-1129
The safe_mode implementation in PHP prior to 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent malicious users to bypass intended access restrictions via vectors related to use of the tempnam function.
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.12
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.10
Php Php 5.2.11
668
VMScore
CVE-2009-3293
Unspecified vulnerability in the imagecolortransparent function in PHP prior to 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index."
Php Php 4.3.6
Php Php 4.3.5
Php Php 4.2.0
Php Php 4.4.5
Php Php 5.0.0
Php Php 4.3.7
Php Php 4.4.4
Php Php 5.1.0
Php Php 5.0.5
Php Php 5.0.2
Php Php 5.0.1
Php Php 4.2
Php Php 4.4.9
Php Php 3.0.1
Php Php 3.0
Php Php 3.0.17
Php Php 3.0.16
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0
Php Php 4.0.6
Php Php 4.0.1
668
VMScore
CVE-2009-3291
The php_openssl_apply_verification_policy function in PHP prior to 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.
Php Php 4.3.6
Php Php 4.3.5
Php Php 4.3.0
Php Php 5.0.0
Php Php 4.3.7
Php Php 4.4.4
Php Php 5.1.0
Php Php 5.0.2
Php Php 4.4.9
Php Php 4.2
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.14
Php Php 3.0.17
Php Php 3.0.16
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0
Php Php 4.0.1
Php Php 4.1.2
Php Php 4.0.7
Php Php 5.2.9
668
VMScore
CVE-2009-3292
Unspecified vulnerability in PHP prior to 5.2.11, and 5.3.x prior to 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.2.3
Php Php 5.0
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 1.0
Php Php 2.0b10
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.3
Php Php 4.0.7
Php Php 5.1.4
Php Php 5.1.5
668
VMScore
CVE-2007-4658
The money_format function in PHP 5 prior to 5.2.4, and PHP 4 prior to 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.2.0
Php Php 5.1.4
Php Php 5.1.0
Php Php 5.2.12
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.11
Php Php 5.0.5
Php Php 5.2.13
Php Php 5.1.6
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.1
Php Php 5.1.5
Php Php 5.2.14
668
VMScore
CVE-2007-0455
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and previous versions allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
Gd Graphics Library Project Gd Graphics Library
Php Php
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 13
Fedoraproject Fedora 14
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Workstation 3.0
Redhat Enterprise Linux Server 3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »