Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.1.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-5624
PHP 5 prior to 5.2.7 does not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function, which allows context-dependent malicious users to bypass safe_mode restrictions via variable settings that are intended to be restricted to root, ...
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.1.6
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.5
Php Php 5.1.4
Php Php 5.0.2
Php Php 5.0.1
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.1.1
Php Php 5.1.0
7.5
CVSSv2
CVE-2008-5625
PHP 5 prior to 5.2.7 does not enforce the error_log safe_mode restrictions when safe_mode is enabled through a php_admin_flag setting in httpd.conf, which allows context-dependent malicious users to write to arbitrary files by placing a "php_value error_log" entry in a ...
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.0.0
Php Php
Php Php 5.2.5
Php Php 5.1.6
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.1.5
Php Php 5.1.4
Php Php 5.0.3
Php Php 5.0.2
Php Php 5.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-2107
The GENERATE_SEED macro in PHP 4.x prior to 4.4.8 and 5.x prior to 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent malicious users to predict subsequent values of the ...
Php Php 5
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.5
Php Php 5.1.6
Php Php 5.0.1
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.4
Php Php
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.2.2
Php Php 5.2.3
7.5
CVSSv2
CVE-2008-1635
Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the tmp_theme parameter. NOTE: 5.1.1 is also reportedly affected...
Raven Php Scripts Keep It Simple Guest Book
2 EDB exploits
7.5
CVSSv2
CVE-2007-4658
The money_format function in PHP 5 prior to 5.2.4, and PHP 4 prior to 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.2.0
Php Php 5.1.4
Php Php 5.1.0
Php Php 5.2.12
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.11
Php Php 5.0.5
Php Php 5.2.13
Php Php 5.1.6
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.1
Php Php 5.1.5
Php Php 5.2.14
7.5
CVSSv2
CVE-2007-4033
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent malicious users to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2...
T1lib T1lib 5.1.1
Php Php 5.2.3
2 EDB exploits
7.5
CVSSv2
CVE-2007-1885
Integer overflow in the str_replace function in PHP 4 prior to 4.4.5 and PHP 5 prior to 5.2.1 allows context-dependent malicious users to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length cou...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.0.3
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.3
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
7.5
CVSSv2
CVE-2007-1888
Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x up to and including 5.x and other applications, allows context-dependent malicious users to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installat...
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
7.5
CVSSv2
CVE-2007-1890
Integer overflow in the msg_receive function in PHP 4 prior to 4.4.5 and PHP 5 prior to 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent malicious users to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff.
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-1825
Buffer overflow in the imap_mail_compose function in PHP 5 prior to 5.2.1, and PHP 4 prior to 4.4.5, allows remote malicious users to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed b...
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.3
Php Php 5.1.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »