Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-32050
Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an...
Mongodb C\\+\\+
Mongodb Node.js
Mongodb Swift Driver
Mongodb Php Driver
Mongodb C Driver
7.5
CVSSv3
CVE-2022-31157
LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are cur...
Packback Lti 1.3 Tool Library
7.5
CVSSv3
CVE-2022-31158
LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the Nonce Claim Value was not being validated against the nonce value sent in the Authentication Request. Users should upgrade to version 5.0 to receive a patch....
Packback Lti 1.3 Tool Library
7.5
CVSSv3
CVE-2011-3336
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
Php Php
Apple Mac Os X
Freebsd Freebsd 8.2
Openbsd Openbsd 5.0
1 EDB exploit
7.5
CVSSv3
CVE-2010-4657
PHP5 prior to 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.
Php Php
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2018-20151
In WordPress prior to 4.9.9 and 5.x prior to 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and (rarely) the password that was...
Wordpress Wordpress
Debian Debian Linux 9.0
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2016-1351
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 up to and including 6.2 allows remote malicious users to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279.
Cisco Nx-os 6.2\\(2a\\)
Cisco Nx-os 6.1\\(3\\)
Cisco Nx-os 5.1\\(6\\)
Cisco Nx-os 5.2\\(1\\)
Cisco Nx-os 6.2\\(12\\)
Cisco Nx-os 5.1\\(4\\)
Cisco Nx-os 6.2\\(6b\\)
Cisco Nx-os 5.1\\(5\\)
Cisco Ios 15.2\\(1\\)sy
Cisco Nx-os 6.0\\(3\\)
Cisco Ios 15.1\\(2\\)sy3
Cisco Ios 15.1\\(1\\)sy4
Cisco Ios 15.1\\(2\\)sy
Cisco Nx-os 4.2\\(8\\)
Cisco Ios 15.1\\(2\\)sy1
Cisco Nx-os 6.0\\(2\\)
Cisco Nx-os 4.2\\(3\\)
Cisco Nx-os 5.1\\(3\\)
Cisco Nx-os 6.1\\(4\\)
Cisco Nx-os 5.2\\(3a\\)
Cisco Nx-os 6.2\\(8b\\)
Cisco Nx-os 5.2\\(7\\)
6.5
CVSSv3
CVE-2018-20147
In WordPress prior to 4.9.9 and 5.x prior to 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files.
Wordpress Wordpress
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-20152
In WordPress prior to 4.9.9 and 5.x prior to 5.0.1, authors could bypass intended restrictions on post types via crafted input.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.1
CVSSv3
CVE-2023-4110
A vulnerability has been found in PHP Jabbers Availability Booking Calendar 5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument session_id leads to cross site scripting. The attack ...
Phpjabbers Availability Booking Calendar 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »