Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.0.5 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2006-4812
Integer overflow in PHP 5 up to 5.1.6 and 4 prior to 4.3.0 allows remote malicious users to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function ...
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.0.4
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.1.1
Php Php 5.0.3
Php Php 4.2.3
Php Php 5.1.0
Php Php 4.0.1
1 EDB exploit
2.6
CVSSv2
CVE-2006-0208
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote malicious users to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting...
Php Php 4.3.9
Php Php 4.0
Php Php 4.2.0
Php Php 5.1.1
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.4.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.0.0
Php Php 4.0.2
Php Php 4.3.3
2.1
CVSSv2
CVE-2005-3319
The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x prior to 5.1.0 final and 4.4 prior to 4.4.1 final allows malicious users to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.
Php Php 4.3.9
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.0.0
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.3
Php Php 4.1.1
4.3
CVSSv2
CVE-2005-3388
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
Php Php 4.3.9
Php Php 4.2.0
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.0.0
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.3
Php Php 4.1.1
1 EDB exploit
5
CVSSv2
CVE-2005-3389
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote malicious users to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set...
Php Php 4.3.9
Php Php 4.2.0
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.0.0
Php Php 4.0.3
Php Php 4.0.2
Php Php 4.3.3
Php Php 4.1.1
6.4
CVSSv2
CVE-2012-0057
PHP prior to 5.3.9 has improper libxslt security settings, which allows remote malicious users to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
Php Php
Php Php 5.2.9
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.2.5
Php Php 5.0.4
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.17
5
CVSSv2
CVE-2012-0789
Memory leak in the timezone functionality in PHP prior to 5.3.9 allows remote malicious users to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.
Php Php
Php Php 5.2.9
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.2.5
Php Php 5.0.4
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.17
1 EDB exploit
5
CVSSv2
CVE-2012-0788
The PDORow implementation in PHP prior to 5.3.9 does not properly interact with the session feature, which allows remote malicious users to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start ...
Php Php
Php Php 5.2.9
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.2.5
Php Php 5.0.4
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.17
1 EDB exploit
5
CVSSv2
CVE-2011-4885
PHP prior to 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted parameters.
Php Php
Php Php 5.2.9
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.2.5
Php Php 5.0.4
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.17
3 EDB exploits
5.1
CVSSv2
CVE-2005-4154
Unspecified vulnerability in PEAR installer 1.4.2 and previous versions allows user-assisted malicious users to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded.
Php Pear 0.9
Php Pear 1.3.4
Php Pear 1.2.1
Php Pear 1.3.3.1
Php Pear 1.0.1
Php Pear 1.0
Php Pear 1.2
Php Pear 1.3
Php Pear 0.90
Php Pear 1.4.0
Php Pear 1.4.1
Php Pear 1.3.5
Php Pear 1.3.6
Php Pear 1.3.3
Php Pear
Php Pear 1.3.1
Php Pear 0.10
Php Pear 0.11
Php Pear 1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »