Vulmon
php php 5.4.4 vulnerabilities and exploits
5
CVSSv2
CVE-2013-2110
Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP prior to 5.3.26 and 5.4.x prior to 5.4.16 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ar...
Php Php 5.3.20
Php Php 5.3.12
Php Php 5.3.8
Php Php 5.3.5
Php Php 5.3.9
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.6
Php Php 5.2.4
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.0
Php Php 4.3.5
Php Php 4.2.1
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.4.2
Php Php 4.4.3
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.0
Php Php 4.0.7
5
CVSSv2
CVE-2013-1643
The SOAP parser in PHP prior to 5.3.23 and 5.4.x prior to 5.4.13 allows remote malicious users to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the ...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
5
CVSSv2
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.3.11
Php Php 5.3.12
Php Php 5.3.2
Php Php 5.3.20
Php Php 5.3.27
Php Php 5.3.28
Php Php 5.3.9
Php Php 5.4.0
Php Php 5.4.13
Php Php 5.4.14
Php Php 5.4.19
Php Php 5.4.2
Php Php 5.4.26
7.5
CVSSv2
CVE-2012-2386
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP prior to 5.3.14 and 5.4.x prior to 5.4.4 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that trigger...
Php Php
1 EDB exploit
4.3
CVSSv2
CVE-2012-2903
Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 7.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) PATH_INFO to group.php, or the (2) target_language or (3) target_flag parameter to translate.php.
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.5
Chatelao Php Address Book 5.4.9
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 5.4.1
Chatelao Php Address Book 4.1.3
Chatelao Php Address Book 4.1.1
Chatelao Php Address Book 3.4.4
Chatelao Php Address Book 3.4.3
Chatelao Php Address Book 3.3.15
Chatelao Php Address Book 3.3.14
Chatelao Php Address Book 3.3.5
Chatelao Php Address Book 5.7.4
Chatelao Php Address Book 5.7.3
Chatelao Php Address Book 3.4.9
Chatelao Php Address Book 5.4.7
Chatelao Php Address Book 5.4
Chatelao Php Address Book 5.3
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 4.0
Chatelao Php Address Book 3.4.2
1 EDB exploit
4.3
CVSSv2
CVE-2012-1912
Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the from parameter. NOTE: the index.php vector is already covered by CVE-2008-2566.
Chatelao Php Address Book 6.1
Chatelao Php Address Book 6.2
Chatelao Php Address Book 6.2.7
Chatelao Php Address Book 6.2.9
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.4.4
Chatelao Php Address Book 5.4.3
Chatelao Php Address Book 5.5
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 5.4.1
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 3.2.6
Chatelao Php Address Book 3.1.5
Chatelao Php Address Book 3.1.6
Chatelao Php Address Book 3.3.8
Chatelao Php Address Book 3.3.7
Chatelao Php Address Book 3.3
Chatelao Php Address Book 3.2.14
Chatelao Php Address Book 3.4.8
Chatelao Php Address Book 3.4.5
Chatelao Php Address Book 3.4.4
1 EDB exploit
7.5
CVSSv2
CVE-2012-1911
Multiple SQL injection vulnerabilities in PHP Address Book 6.2.12 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) to_group parameter to group.php or (2) id parameter to vcard.php. NOTE: the edit.php vector is already covered by CVE...
Chatelao Php Address Book 6.2.9
Chatelao Php Address Book 6.2.7
Chatelao Php Address Book 6.2
Chatelao Php Address Book 6.1.4
Chatelao Php Address Book 5.7.3
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.4.4
Chatelao Php Address Book 5.4.3
Chatelao Php Address Book 5.0
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 3.2.6
Chatelao Php Address Book 3.2.13
Chatelao Php Address Book 3.1.5
Chatelao Php Address Book 3.2.5
Chatelao Php Address Book 3.3.8
Chatelao Php Address Book 3.3
Chatelao Php Address Book 3.2.14
Chatelao Php Address Book 3.4.7
Chatelao Php Address Book 3.4.8
Chatelao Php Address Book 3.4.3
1 EDB exploit
7.2
CVSSv2
CVE-2014-0185
sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP prior to 5.4.28 and 5.5.x prior to 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.
Php Php
5
CVSSv2
CVE-2010-4657
PHP5 prior to 5.4.4 allows passing invalid UTF-8 strings via xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in a memory leak into the resulting output.
Php Php
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Debian Debian Linux 8.0
5
CVSSv2
CVE-2013-7345
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file prior to 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via a crafted ASCII file that t...
Christos Zoulas File
Php Php
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0