Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3660
PHP 4.4.x prior to 4.4.9, and 5.x up to and including 5.2.6, when used as a FastCGI module, allows remote malicious users to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php.
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.8
Php Php 5.2.0
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.2.1
Php Php 5.2.2
Php Php 4.4.4
Php Php 4.4.5
Php Php 5.2.3
Php Php 5.2.4
Php Php 4.4.6
Php Php 4.4.7
Php Php 5.2.5
Php Php 5.2.6
NA
CVE-2007-0905
PHP prior to 5.2.1 allows malicious users to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.18
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.2
NA
CVE-2010-2225
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x up to and including 5.3.2 allows remote malicious users to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.3.0
NA
CVE-2010-2100
The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_build_query, (5) strpbrk, and (6) strtr functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents)...
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.2.0
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.3.2
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.13
Php Php 5.3.1
NA
CVE-2010-3065
The default session serializer in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent malicious users to modify arbitrary session variables via a crafted session variable name.
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.13
Php Php 5.3.0
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.9
Php Php 5.2.10
NA
CVE-2010-2190
The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents) by causing a userspace interruption of an interna...
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.3.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.9
Php Php 5.2.10
NA
CVE-2007-2872
Multiple integer overflows in the chunk_split function in PHP 5 prior to 5.2.3 and PHP 4 prior to 4.4.8 allow remote malicious users to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.1.6
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.0.4
Php Php
Php Php 5.0.3
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.1.3
Php Php 5.0.2
Php Php 5.2.1
Php Php 5.0.0
1 EDB exploit
NA
CVE-2010-2097
The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents) by causing a userspace interruption o...
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.3.0
NA
CVE-2010-2101
The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) str_word_count, and (6) str_pad functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents) by causing ...
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.11
Php Php 5.3.0
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.13
NA
CVE-2010-2191
The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependen...
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.3.2
Php Php 5.2.0
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.13
Php Php 5.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »