Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.7 vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2010-2191
The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependen...
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.3.2
Php Php 5.2.0
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.13
Php Php 5.3.1
445
VMScore
CVE-2010-3065
The default session serializer in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent malicious users to modify arbitrary session variables via a crafted session variable name.
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.13
Php Php 5.3.0
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.9
Php Php 5.2.10
445
VMScore
CVE-2010-2101
The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) str_word_count, and (6) str_pad functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents) by causing ...
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.11
Php Php 5.3.0
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.13
445
VMScore
CVE-2010-2097
The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents) by causing a userspace interruption o...
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.3.0
445
VMScore
CVE-2010-2100
The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_build_query, (5) strpbrk, and (6) strtr functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents)...
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.2.0
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.3.2
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.13
Php Php 5.3.1
383
VMScore
CVE-2010-3710
Stack consumption vulnerability in the filter_var function in PHP 5.2.x up to and including 5.2.14 and 5.3.x up to and including 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote malicious users to cause a denial of service (memory consumption and application crash) v...
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.13
Php Php 5.2.11
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.9
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.3.3
Php Php 5.3.0
668
VMScore
CVE-2008-5624
PHP 5 prior to 5.2.7 does not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function, which allows context-dependent malicious users to bypass safe_mode restrictions via variable settings that are intended to be restricted to root, ...
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.1.6
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.5
Php Php 5.1.4
Php Php 5.0.2
Php Php 5.0.1
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.1.1
Php Php 5.1.0
505
VMScore
CVE-2010-4645
strtod.c, as used in the zend_strtod function in PHP 5.2 prior to 5.2.17 and 5.3 prior to 5.3.5, and other products, allows context-dependent malicious users to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not prope...
Php Php 5.2.9
Php Php 5.2.14
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.3
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.2.10
Php Php 5.2.15
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.0
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.3.4
1 EDB exploit
505
VMScore
CVE-2008-5498
Array index error in the imageRotate function in PHP 5.2.8 and previous versions allows context-dependent malicious users to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.0
Php Php 5.0.2
Php Php 5.0.1
Php Php 5.0.0
Php Php 5.2.6
Php Php 5.2.5
Php Php 5.1.6
Php Php 5.2.0
Php Php 5.0.4
Php Php 5.0.3
Php Php
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.5
Php Php 5
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.2.3
1 EDB exploit
505
VMScore
CVE-2010-1130
session.c in the session extension in PHP prior to 5.2.13, and 5.3.1, does not properly interpret ; (semicolon) characters in the argument to the session_save_path function, which allows context-dependent malicious users to bypass open_basedir and safe_mode restrictions via an ar...
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.3.1
Php Php 5.0.0
Php Php 5.2.13
Php Php 5.2.11
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.1.6
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.5
Php Php 5.2.9
Php Php 5.2.4
Php Php 5.2.8
Php Php 5.1.0
Php Php 5.1.2
Php Php 5.0.4
Php Php 5.0.2
Php Php
Php Php 5.2.10
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »