Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.0.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0208
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote malicious users to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting...
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.1.0
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0.0
Php Php 5.1.0
Php Php 5.1.1
Php Php 4.0.0
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.1
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.0
NA
CVE-2005-3319
The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x prior to 5.1.0 final and 4.4 prior to 4.4.1 final allows malicious users to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.0.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.9
Php Php 4.4.0
Php Php 5.0
Php Php 4.0.2
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
NA
CVE-2005-3388
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
Php Php 4.3.9
Php Php 4.2.0
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.0.0
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.3
Php Php 4.1.1
1 EDB exploit
NA
CVE-2005-3389
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote malicious users to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set...
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.0.2
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.0
NA
CVE-2012-0057
PHP prior to 5.3.9 has improper libxslt security settings, which allows remote malicious users to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
Php Php 5.3.4
Php Php 5.3.6
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.0
Php Php
Php Php 5.2.15
Php Php 5.2.9
Php Php 5.2.7
Php Php 5.2.0
Php Php 5.2.17
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.1
Php Php 5.3.7
NA
CVE-2011-4885
PHP prior to 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted parameters.
Php Php 5.2.16
Php Php 5.3.4
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.0
Php Php 5.2.15
Php Php 5.3.3
Php Php 5.2.10
Php Php 5.2.9
Php Php 5.2.2
Php Php 5.2.1
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.3.6
Php Php 5.3.5
Php Php 5.2.17
Php Php 5.3.1
Php Php 5.3.0
3 EDB exploits
NA
CVE-2012-0789
Memory leak in the timezone functionality in PHP prior to 5.3.9 allows remote malicious users to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.
Php Php 5.2.15
Php Php 5.3.3
Php Php 5.2.9
Php Php 5.2.8
Php Php 5.2.1
Php Php 5.2.0
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.3.5
Php Php 5.2.17
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.5
Php Php 5.2.4
Php Php 5.1.4
Php Php 5.1.3
Php Php
Php Php 5.2.16
Php Php 5.3.4
Php Php 5.2.11
1 EDB exploit
NA
CVE-2012-0788
The PDORow implementation in PHP prior to 5.3.9 does not properly interact with the session feature, which allows remote malicious users to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start ...
Php Php 5.2.15
Php Php 5.3.3
Php Php 5.2.14
Php Php 5.2.9
Php Php 5.2.8
Php Php 5.2.1
Php Php 5.2.0
Php Php 5.3.5
Php Php 5.2.17
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.5
Php Php 5.2.4
Php Php 5.1.4
Php Php 5.1.3
Php Php 5.0.0
Php Php
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.3.7
Php Php 5.3.6
Php Php 5.3.2
1 EDB exploit
NA
CVE-2012-1172
The file-upload implementation in rfc1867.c in PHP prior to 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote malicious users to cause a denial of service (malformed $_FILES indexes) or conduct directory tra...
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.2.5
Php Php 5.2.11
Php Php 5.2.0
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.3.5
Php Php 5.2.6
Php Php 5.2.9
Php Php 5.2.17
Php Php 5.2.10
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.1.6
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.14
Php Php 5.0.2
Php Php 5.3.7
NA
CVE-2008-5557
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 up to and including 5.2.6 allows context-dependent malicious users to execute arbitrary code via a crafted string containing an HTML entity, which is not properly ...
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.0
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 4.3.1
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.8
Php Php 4.4.9
Php Php 4.4.1
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.2.0
Php Php 5.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »