Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.0 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-3558
The posix_mkfifo function in ext/posix/posix.c in PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 allows context-dependent malicious users to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
Php Php 2.0
Php Php 2.0b10
Php Php 3.0.15
Php Php 3.0.16
Php Php 3.0.6
Php Php 3.0.7
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.7
Php Php 5.2.5
Php Php 5.2.6
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.2
Php Php 3.0.3
Php Php 4.0.0
Php Php 4.0.7
6.5
CVSSv2
CVE-2021-41268
Symfony/SecurityBundle is the security system for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Since the rework of the Remember me cookie in version 5.3.0, the cookie is not invalidated when the user changes their password. Attac...
Sensiolabs Symfony
6.5
CVSSv2
CVE-2021-32693
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and before 5.3.2. When an application defines multiple firewalls, the token authenticated...
Sensiolabs Symfony
6.5
CVSSv2
CVE-2013-3591
vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability
Vtiger Vtiger Crm 5.3.0
Vtiger Vtiger Crm 5.4.0
1 EDB exploit
6.4
CVSSv2
CVE-2012-0057
PHP prior to 5.3.9 has improper libxslt security settings, which allows remote malicious users to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
Php Php 5.3.4
Php Php 5.3.6
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.0
Php Php
Php Php 5.2.15
Php Php 5.2.9
Php Php 5.2.7
Php Php 5.2.0
Php Php 5.2.17
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.1
Php Php 5.3.7
6.4
CVSSv2
CVE-2011-2202
The rfc1867_post_handler function in main/rfc1867.c in PHP prior to 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote malicious users to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, v...
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
1 EDB exploit
6.4
CVSSv2
CVE-2010-2191
The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependen...
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.3.2
Php Php 5.2.0
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.13
Php Php 5.3.1
6.4
CVSSv2
CVE-2010-1861
The sysvshm extension for PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allows context-dependent malicious users to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, whi...
Php Php 5.2.0
Php Php 5.2.8
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.10
Php Php 5.2.1
Php Php 5.2.6
Php Php 5.2.9
Php Php 5.3.0
Php Php 5.3.2
Php Php 5.3.1
6.4
CVSSv2
CVE-2009-2626
The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and previous versions versions allows context-specific malicious users to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then usin...
Php Php 4.3.6
Php Php 4.3.5
Php Php 4.3.0
Php Php 5.0.0
Php Php 4.3.7
Php Php 4.4.4
Php Php 5.1.0
Php Php 5.0.2
Php Php 4.2
Php Php 4.4.9
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.14
Php Php 3.0.17
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0
Php Php 4.0.2
Php Php 4.0.1
Php Php 4.1.2
Php Php 4.0.7
Php Php 5.2.8
3 EDB exploits
5.8
CVSSv2
CVE-2012-1172
The file-upload implementation in rfc1867.c in PHP prior to 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote malicious users to cause a denial of service (malformed $_FILES indexes) or conduct directory tra...
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.2.5
Php Php 5.2.11
Php Php 5.2.0
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.3.5
Php Php 5.2.6
Php Php 5.2.9
Php Php 5.2.17
Php Php 5.2.10
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.1.6
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.14
Php Php 5.0.2
Php Php 5.3.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »