Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.4 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-4658
The money_format function in PHP 5 prior to 5.2.4, and PHP 4 prior to 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.0.4
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.3
Php Php 5.0.3
Php Php 5.1.0
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.1.3
Php Php 5.2.10
Php Php 5.0.2
Php Php 5.2.1
7.5
CVSSv2
CVE-2007-4659
The zend_alter_ini_entry function in PHP prior to 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors.
Php Php
7.5
CVSSv2
CVE-2007-4660
Unspecified vulnerability in the chunk_split function in PHP prior to 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation.
Php Php
7.5
CVSSv2
CVE-2007-4662
Buffer overflow in the php_openssl_make_REQ function in PHP prior to 5.2.4 has unknown impact and attack vectors.
Php Php
7.5
CVSSv2
CVE-2007-3997
The (1) MySQL and (2) MySQLi extensions in PHP 4 prior to 4.4.8, and PHP 5 prior to 5.2.4, allow remote malicious users to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
Php Php
1 EDB exploit
7.5
CVSSv2
CVE-2006-3926
Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote malicious users to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b) categories.php.
Php Pro Bid Php Pro Bid 5.24
2 EDB exploits
6.8
CVSSv2
CVE-2011-4718
Session fixation vulnerability in the Sessions subsystem in PHP prior to 5.5.2 allows remote malicious users to hijack web sessions by specifying a session ID.
Php Php 5.5.0
Php Php 5.2.9
Php Php 5.4.12
Php Php 5.3.10
Php Php 5.3.27
Php Php 5.1.5
Php Php 5.4.15
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.3.24
Php Php 5.3.15
Php Php 5.3.8
Php Php 5.2.7
Php Php 5.2.2
6.8
CVSSv2
CVE-2010-4697
Use-after-free vulnerability in the Zend engine in PHP prior to 5.2.15 and 5.3.x prior to 5.3.4 might allow context-dependent malicious users to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.2.7
6.8
CVSSv2
CVE-2007-4889
The MySQL extension in PHP 5.2.4 and previous versions allows remote malicious users to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
Php Mysql Extension
Php Php
6.8
CVSSv2
CVE-2007-3996
Multiple integer overflows in libgd in PHP prior to 5.2.4 allow remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or...
Php Php
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »