Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.0.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3883
CRLF injection vulnerability in the mb_send_mail function in PHP prior to 5.1.0 might allow remote malicious users to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.6
Php Php 4.3.7
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0.4
Php Php 5.0.5
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 5.0.0
NA
CVE-2006-4812
Integer overflow in PHP 5 up to 5.1.6 and 4 prior to 4.3.0 allows remote malicious users to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function ...
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.1
Php Php 4.1.2
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.1
Php Php 5.1.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.2
Php Php 4.2.3
Php Php 5.1.5
Php Php 5.1.6
1 EDB exploit
NA
CVE-2009-2302
Cross-site scripting (XSS) vulnerability in index.php in Aardvark Topsites PHP 5.2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the q parameter in a search action. NOTE: it was later reported that 5.2.1 is also affected.
Avatic Aardvark Topsites Php 5.0.3
Avatic Aardvark Topsites Php 5
Avatic Aardvark Topsites Php 5.1.2
Avatic Aardvark Topsites Php 4.0.2
Avatic Aardvark Topsites Php 4.2.2
Avatic Aardvark Topsites Php 4.1.1
Avatic Aardvark Topsites Php
1 EDB exploit
NA
CVE-2009-2304
index.php in Aardvark Topsites PHP 5.2.0 and previous versions allows remote malicious users to obtain sensitive information via a nonexistent account name in the u parameter in a rate action, which reveals the installation path in an error message.
Avatic Aardvark Topsites Php
Avatic Aardvark Topsites Php 5.1.2
Avatic Aardvark Topsites Php 5.0.3
Avatic Aardvark Topsites Php 5
Avatic Aardvark Topsites Php 4.2.2
Avatic Aardvark Topsites Php 4.1.1
Avatic Aardvark Topsites Php 4.0.2
NA
CVE-2006-0208
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote malicious users to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting...
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.1.0
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0.0
Php Php 5.1.0
Php Php 5.1.1
Php Php 4.0.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.1
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.0
NA
CVE-2009-2303
index.php in Aardvark Topsites PHP 5.2.1 and previous versions allows remote malicious users to obtain sensitive information via a negative integer value for the start parameter in a search action, which reveals the installation path in an error message.
Avatic Aardvark Topsites Php 5
Avatic Aardvark Topsites Php 5.1.2
Avatic Aardvark Topsites Php 4.0.2
Avatic Aardvark Topsites Php 4.2.2
Avatic Aardvark Topsites Php 4.1.1
Avatic Aardvark Topsites Php 5.2.0
Avatic Aardvark Topsites Php 5.0.3
Avatic Aardvark Topsites Php
NA
CVE-2005-3319
The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x prior to 5.1.0 final and 4.4 prior to 4.4.1 final allows malicious users to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.0.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.9
Php Php 4.4.0
Php Php 5.0
Php Php 4.0.2
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
NA
CVE-2005-3388
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
Php Php 4.3.9
Php Php 4.2.0
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.0.0
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.3
Php Php 4.1.1
1 EDB exploit
NA
CVE-2005-3389
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote malicious users to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set...
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.0.2
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.0
NA
CVE-2012-0057
PHP prior to 5.3.9 has improper libxslt security settings, which allows remote malicious users to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
Php Php 5.3.4
Php Php 5.3.6
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.0
Php Php
Php Php 5.2.15
Php Php 5.2.9
Php Php 5.2.7
Php Php 5.2.0
Php Php 5.2.17
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.1
Php Php 5.3.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »