Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.4.1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2012-2336
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote malicious users to cause a denial of service (resource consumptio...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
7.5
CVSSv2
CVE-2012-2311
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote malicious users to execute arbitrary code b...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
2 Github repositories
10
CVSSv2
CVE-2012-2376
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and previous versions on Windows allows remote malicious users to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.
Php Php 5.4.2
Php Php 5.4.1
Php Php 5.3.2
Php Php 5.2.8
Php Php 5.2.6
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.3.6
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.3.3
Php Php 5.2.7
Php Php 5.2.14
Php Php 4.3.10
Php Php 4.2.1
Php Php 4.2.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.9
Php Php 4.3.0
Php Php 4.0.6
1 EDB exploit
5
CVSSv2
CVE-2013-2110
Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP prior to 5.3.26 and 5.4.x prior to 5.4.16 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ar...
Php Php 5.3.20
Php Php 5.3.12
Php Php 5.3.8
Php Php 5.3.5
Php Php 5.3.9
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.6
Php Php 5.2.4
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.0
Php Php 4.3.5
Php Php 4.2.1
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.4.2
Php Php 4.4.3
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.0
Php Php 4.0.7
5
CVSSv2
CVE-2013-4635
Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP prior to 5.3.26 and 5.4.x prior to 5.4.16 allows context-dependent malicious users to cause a denial of service (application hang) via a large argument to the jdtojewish function.
Php Php 5.3.20
Php Php 5.3.19
Php Php 5.3.8
Php Php 5.3.11
Php Php 5.3.5
Php Php 5.3.9
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.0
Php Php 4.3.10
Php Php 4.3.5
Php Php 4.2.1
Php Php 4.4.7
Php Php 4.3.0
Php Php 4.4.3
Php Php 4.4.4
Php Php 4.0
7.5
CVSSv2
CVE-2013-1635
ext/soap/soap.c in PHP prior to 5.3.22 and 5.4.x prior to 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote malicious users to bypass intended access restrictions by triggering the creation of c...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
5
CVSSv2
CVE-2013-1643
The SOAP parser in PHP prior to 5.3.23 and 5.4.x prior to 5.4.13 allows remote malicious users to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the ...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
5
CVSSv2
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.3.11
Php Php 5.3.12
Php Php 5.3.2
Php Php 5.3.20
Php Php 5.3.27
Php Php 5.3.28
Php Php 5.3.9
Php Php 5.4.0
Php Php 5.4.13
Php Php 5.4.14
Php Php 5.4.19
Php Php 5.4.2
Php Php 5.4.26
4.3
CVSSv2
CVE-2012-2903
Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 7.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) PATH_INFO to group.php, or the (2) target_language or (3) target_flag parameter to translate.php.
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.5
Chatelao Php Address Book 5.4.9
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 5.4.1
Chatelao Php Address Book 4.1.3
Chatelao Php Address Book 4.1.1
Chatelao Php Address Book 3.4.4
Chatelao Php Address Book 3.4.3
Chatelao Php Address Book 3.3.15
Chatelao Php Address Book 3.3.14
Chatelao Php Address Book 3.3.5
Chatelao Php Address Book 5.7.4
Chatelao Php Address Book 5.7.3
Chatelao Php Address Book 3.4.9
Chatelao Php Address Book 5.4.7
Chatelao Php Address Book 5.4
Chatelao Php Address Book 5.3
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 4.0
Chatelao Php Address Book 3.4.2
1 EDB exploit
4.3
CVSSv2
CVE-2012-1912
Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the from parameter. NOTE: the index.php vector is already covered by CVE-2008-2566.
Chatelao Php Address Book 6.1
Chatelao Php Address Book 6.2
Chatelao Php Address Book 6.2.7
Chatelao Php Address Book 6.2.9
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.4.4
Chatelao Php Address Book 5.4.3
Chatelao Php Address Book 5.5
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 5.4.1
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 3.2.6
Chatelao Php Address Book 3.1.5
Chatelao Php Address Book 3.1.6
Chatelao Php Address Book 3.3.8
Chatelao Php Address Book 3.3.7
Chatelao Php Address Book 3.3
Chatelao Php Address Book 3.2.14
Chatelao Php Address Book 3.4.8
Chatelao Php Address Book 3.4.5
Chatelao Php Address Book 3.4.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »