Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.14 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2011-0755
Integer overflow in the mt_rand function in PHP prior to 5.3.4 might make it easier for context-dependent malicious users to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax.
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.2.1
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.7
Php Php 4.4.8
Php Php 3.0.2
Php Php 3.0.18
Php Php 3.0.9
Php Php 3.0.7
Php Php
Php Php 5.2.9
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.1.4
445
VMScore
CVE-2010-4699
The iconv_mime_decode_headers function in the Iconv extension in PHP prior to 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote malicious users to trigger an incomplete output array...
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.7
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.16
Php Php 2.0
Php Php 1.0
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.17
445
VMScore
CVE-2010-4698
Stack-based buffer overflow in the GD extension in PHP prior to 5.2.15 and 5.3.x prior to 5.3.4 allows context-dependent malicious users to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function.
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.2.13
Php Php 5.2.11
Php Php 5.3.3
Php Php 5.3.0
445
VMScore
CVE-2006-7243
PHP prior to 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent malicious users to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists...
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.8
Php Php 5.2.3
Php Php 5.2.4
2 Articles
445
VMScore
CVE-2010-4150
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 prior to 5.2.15 and 5.3 prior to 5.3.4 allows malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.3.2
Php Php 5.2.11
Php Php 5.2.0
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.2
Php Php 5.3.3
Php Php 5.2.14
Php Php 5.2.1
445
VMScore
CVE-2010-2484
The strrchr function in PHP 5.2 prior to 5.2.14 allows context-dependent malicious users to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler.
Php Php 5.2.11
Php Php 5.2.5
Php Php 5.2.2
Php Php 5.2.9
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.2.13
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.3
Php Php 5.2.1
440
VMScore
CVE-2011-1468
Multiple memory leaks in the OpenSSL extension in PHP prior to 5.3.6 might allow remote malicious users to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.8
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.7
Php Php 3.0.8
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.2.4
Php Php 5.1.3
2 EDB exploits
435
VMScore
CVE-2011-0708
exif.c in the Exif extension in PHP prior to 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote malicious users to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
Php Php 4.0.2
Php Php 4.0.3
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.13
Php Php 5.2.11
Php Php 5.2.14
1 EDB exploit
435
VMScore
CVE-2011-1470
The Zip extension in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function.
Php Php 5.3.2
Php Php 4.0
Php Php 4.0.7
Php Php 4.1.2
Php Php 4.3.0
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.4.4
Php Php 4.4.5
Php Php 3.0.13
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.14
Php Php 3.0.17
Php Php 2.0b10
Php Php 2.0
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.2.17
Php Php 5.2.15
Php Php 5.1.0
Php Php 5.1.6
1 EDB exploit
435
VMScore
CVE-2011-0421
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP prior to 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent malicious users to cause a denial of service (NULL pointer dereference) via an empty ZIP...
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.8
Php Php 4.4.9
Php Php 3.0.2
Php Php 3.0.18
Php Php 3.0.9
Php Php 3.0.7
Php Php 3.0.8
Php Php 5.2.12
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.10
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »