Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.4.9 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-0755
Integer overflow in the mt_rand function in PHP prior to 5.3.4 might make it easier for context-dependent malicious users to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax.
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.2.1
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.7
Php Php 4.4.8
Php Php 3.0.2
Php Php 3.0.18
Php Php 3.0.9
Php Php 3.0.7
Php Php
Php Php 5.2.9
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.1.4
NA
CVE-2006-7243
PHP prior to 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent malicious users to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists...
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.8
Php Php 5.2.3
Php Php 5.2.4
2 Articles
NA
CVE-2010-4699
The iconv_mime_decode_headers function in the Iconv extension in PHP prior to 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote malicious users to trigger an incomplete output array...
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.7
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.16
Php Php 2.0
Php Php 1.0
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.17
NA
CVE-2011-3182
PHP prior to 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveragi...
Php Php 4.3.3
Php Php 4.3.6
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.3.9
Php Php 5.2.8
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.2.9
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.0
Php Php 2.0b10
Php Php 2.0
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0
Php Php 4.0.6
1 EDB exploit
NA
CVE-2011-3267
PHP prior to 5.3.7 does not properly implement the error_log function, which allows context-dependent malicious users to cause a denial of service (application crash) via unspecified vectors.
Php Php 4.3.11
Php Php 4.3.4
Php Php 4.2.2
Php Php 4.4.5
Php Php 4.4.6
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.4
Php Php 5.0.5
Php Php 5.0.0
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.2
Php Php 1.0
Php Php 5.3.0
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 4.0
Php Php 3.0.9
Php Php 4.3.3
Php Php 4.3.6
NA
CVE-2011-3268
Buffer overflow in the crypt function in PHP prior to 5.3.7 allows context-dependent malicious users to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483.
Php Php 4.3.11
Php Php 4.3.4
Php Php 4.2.2
Php Php 4.3.10
Php Php 4.3.1
Php Php 4.3.2
Php Php 4.2.0
Php Php 4.2.3
Php Php 4.3.7
Php Php 5.2.11
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.1
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.1
Php Php 5.2.10
Php Php 5.2.4
Php Php 3.0.1
Php Php 3.0
NA
CVE-2012-2688
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP prior to 5.3.15 and 5.4.x prior to 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
Php Php
Php Php 5.3.1
Php Php 5.3.7
Php Php 5.3.12
Php Php 5.3.8
Php Php 5.3.11
Php Php 5.3.4
Php Php 5.3.3
Php Php 5.3.0
Php Php 5.3.2
Php Php 5.3.10
Php Php 5.2.15
Php Php 5.2.11
Php Php 5.2.7
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.5
Php Php 5.0.5
Php Php 5.0.2
Php Php 5.0.1
Php Php 4.3.2
Php Php 4.3.11
NA
CVE-2012-2336
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote malicious users to cause a denial of service (resource consumptio...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
NA
CVE-2012-3365
The SQLite functionality in PHP prior to 5.3.15 allows remote malicious users to bypass the open_basedir protection mechanism via unspecified vectors.
Php Php 5.3.11
Php Php 5.3.4
Php Php 5.3.13
Php Php 5.3.2
Php Php 5.2.13
Php Php 5.2.5
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.1.6
Php Php 5.1.4
Php Php 5.0.0
Php Php 4.3.10
Php Php 4.3.1
Php Php 4.4.8
Php Php 4.2.0
Php Php 4.3.0
Php Php 4.3.7
Php Php 4.4.4
Php Php 4.0
Php Php 4.0.5
Php Php 4.0.4
Php Php 3.0.11
NA
CVE-2012-2311
sapi/cgi/cgi_main.c in PHP prior to 5.3.13 and 5.4.x prior to 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote malicious users to execute arbitrary code b...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
4 EDB exploits
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »