Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.4.4 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-2110
Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP prior to 5.3.26 and 5.4.x prior to 5.4.16 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ar...
Php Php 5.3.20
Php Php 5.3.12
Php Php 5.3.8
Php Php 5.3.5
Php Php 5.3.9
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.6
Php Php 5.2.4
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.0
Php Php 4.3.5
Php Php 4.2.1
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.4.2
Php Php 4.4.3
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.0
Php Php 4.0.7
5
CVSSv2
CVE-2013-3735
The Zend Engine in PHP prior to 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent malicious users to cause a denial of service (memory consumption and application crash) via a crafted function definition,...
Php Php 5.4.12
Php Php 5.4.14
Php Php 5.4.8
Php Php 5.4.9
Php Php 5.4.11
Php Php 5.4.10
Php Php 5.4.2
Php Php 5.4.5
Php Php 5.4.6
Php Php 5.4.13
Php Php 5.4.0
Php Php 5.4.3
Php Php 5.4.1
Php Php 5.4.7
Php Php
Php Php 5.4.4
Php Php 5.5.0
7.5
CVSSv2
CVE-2013-1635
ext/soap/soap.c in PHP prior to 5.3.22 and 5.4.x prior to 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote malicious users to bypass intended access restrictions by triggering the creation of c...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
5
CVSSv2
CVE-2013-1643
The SOAP parser in PHP prior to 5.3.23 and 5.4.x prior to 5.4.13 allows remote malicious users to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the ...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
7.5
CVSSv2
CVE-2012-1911
Multiple SQL injection vulnerabilities in PHP Address Book 6.2.12 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) to_group parameter to group.php or (2) id parameter to vcard.php. NOTE: the edit.php vector is already covered by CVE...
Chatelao Php Address Book 6.2.9
Chatelao Php Address Book 6.2.7
Chatelao Php Address Book 6.2
Chatelao Php Address Book 6.1.4
Chatelao Php Address Book 5.7.3
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.4.4
Chatelao Php Address Book 5.4.3
Chatelao Php Address Book 5.0
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 3.2.6
Chatelao Php Address Book 3.2.13
Chatelao Php Address Book 3.1.5
Chatelao Php Address Book 3.2.5
Chatelao Php Address Book 3.3.8
Chatelao Php Address Book 3.3
Chatelao Php Address Book 3.2.14
Chatelao Php Address Book 3.4.7
Chatelao Php Address Book 3.4.8
Chatelao Php Address Book 3.4.3
1 EDB exploit
4.3
CVSSv2
CVE-2012-1912
Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the from parameter. NOTE: the index.php vector is already covered by CVE-2008-2566.
Chatelao Php Address Book 6.1
Chatelao Php Address Book 6.2
Chatelao Php Address Book 6.2.7
Chatelao Php Address Book 6.2.9
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.4.4
Chatelao Php Address Book 5.4.3
Chatelao Php Address Book 5.5
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 5.4.1
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 3.2.6
Chatelao Php Address Book 3.1.5
Chatelao Php Address Book 3.1.6
Chatelao Php Address Book 3.3.8
Chatelao Php Address Book 3.3.7
Chatelao Php Address Book 3.3
Chatelao Php Address Book 3.2.14
Chatelao Php Address Book 3.4.8
Chatelao Php Address Book 3.4.5
Chatelao Php Address Book 3.4.4
1 EDB exploit
2.6
CVSSv2
CVE-2012-3450
pdo_sql_parser.re in the PDO extension in PHP prior to 5.3.14 and 5.4.x prior to 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote malicious users to cause a denial of service (out-of-bounds read and applicati...
Php Php 5.3.11
Php Php 5.3.4
Php Php 5.3.9
Php Php 5.3.2
Php Php 5.3.12
Php Php 5.3.8
Php Php 5.3.6
Php Php 5.3.5
Php Php 5.4.2
Php Php 5.4.3
Php Php 5.3.1
Php Php 5.3.7
Php Php 5.4.0
Php Php 5.4.1
Php Php 5.3.3
Php Php 5.3.0
Php Php 5.3.10
Php Php
1 EDB exploit
10
CVSSv2
CVE-2012-2688
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP prior to 5.3.15 and 5.4.x prior to 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
Php Php
Php Php 5.3.1
Php Php 5.3.7
Php Php 5.3.12
Php Php 5.3.8
Php Php 5.3.11
Php Php 5.3.4
Php Php 5.3.3
Php Php 5.3.0
Php Php 5.3.2
Php Php 5.3.10
Php Php 5.2.15
Php Php 5.2.11
Php Php 5.2.7
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.5
Php Php 5.0.5
Php Php 5.0.2
Php Php 5.0.1
Php Php 4.3.2
Php Php 4.3.11
7.5
CVSSv2
CVE-2012-2386
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP prior to 5.3.14 and 5.4.x prior to 5.4.4 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that trigger...
Php Php
1 EDB exploit
4.3
CVSSv2
CVE-2012-2143
The crypt_des (aka DES-based crypt) function in FreeBSD prior to 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent malicious user...
Postgresql Postgresql
Freebsd Freebsd 5.2.1
Freebsd Freebsd 7.4
Freebsd Freebsd 6.1
Freebsd Freebsd 3.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
Freebsd Freebsd 2.2.5
Freebsd Freebsd 5.5
Freebsd Freebsd 8.2
Freebsd Freebsd 5.4
Freebsd Freebsd 5.3
Freebsd Freebsd 2.2.2
Freebsd Freebsd 2.1.7
Freebsd Freebsd 4.11
Freebsd Freebsd 2.0.5
Freebsd Freebsd 8.0
Freebsd Freebsd 1.1.5.1
Freebsd Freebsd 4.5
Freebsd Freebsd 4.7
Freebsd Freebsd 7.0
Freebsd Freebsd
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »