Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.0 vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2012-1172
The file-upload implementation in rfc1867.c in PHP prior to 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote malicious users to cause a denial of service (malformed $_FILES indexes) or conduct directory tra...
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.2.5
Php Php 5.2.11
Php Php 5.2.0
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.3.5
Php Php 5.2.6
Php Php 5.2.9
Php Php 5.2.17
Php Php 5.2.10
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.1.6
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.14
Php Php 5.0.2
Php Php 5.3.7
515
VMScore
CVE-2011-4885
PHP prior to 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted parameters.
Php Php 5.2.16
Php Php 5.3.4
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.0
Php Php 5.2.15
Php Php 5.3.3
Php Php 5.2.10
Php Php 5.2.9
Php Php 5.2.2
Php Php 5.2.1
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.3.6
Php Php 5.3.5
Php Php 5.2.17
Php Php 5.3.1
Php Php 5.3.0
3 EDB exploits
505
VMScore
CVE-2014-2268
views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote malicious users to re-install the application via a request that sets the X-Requested-With HTTP header, as demonstrated by executing arbitrary PHP co...
Vtiger Vtiger Crm 1.0
Vtiger Vtiger Crm 2.0
Vtiger Vtiger Crm 2.0.1
Vtiger Vtiger Crm 2.1
Vtiger Vtiger Crm 5.0.2
Vtiger Vtiger Crm 5.0.3
Vtiger Vtiger Crm 5.0.4
Vtiger Vtiger Crm 5.1.0
Vtiger Vtiger Crm 4
Vtiger Vtiger Crm 4.0
Vtiger Vtiger Crm 4.0.1
Vtiger Vtiger Crm 5.4.0
Vtiger Vtiger Crm 6.0.0
Vtiger Vtiger Crm 3.0
Vtiger Vtiger Crm 4.2
Vtiger Vtiger Crm 5.0.0
Vtiger Vtiger Crm 5.2.1
Vtiger Vtiger Crm 3.2
Vtiger Vtiger Crm 4.2.4
Vtiger Vtiger Crm 5.0.1
Vtiger Vtiger Crm 5.2.0
Vtiger Vtiger Crm 5.3.0
1 EDB exploit
505
VMScore
CVE-2012-0788
The PDORow implementation in PHP prior to 5.3.9 does not properly interact with the session feature, which allows remote malicious users to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start ...
Php Php 5.2.15
Php Php 5.3.3
Php Php 5.2.14
Php Php 5.2.9
Php Php 5.2.8
Php Php 5.2.1
Php Php 5.2.0
Php Php 5.3.5
Php Php 5.2.17
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.5
Php Php 5.2.4
Php Php 5.1.4
Php Php 5.1.3
Php Php 5.0.0
Php Php
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.3.7
Php Php 5.3.6
Php Php 5.3.2
1 EDB exploit
505
VMScore
CVE-2012-0789
Memory leak in the timezone functionality in PHP prior to 5.3.9 allows remote malicious users to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.
Php Php 5.2.15
Php Php 5.3.3
Php Php 5.2.9
Php Php 5.2.8
Php Php 5.2.1
Php Php 5.2.0
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.3.5
Php Php 5.2.17
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.5
Php Php 5.2.4
Php Php 5.1.4
Php Php 5.1.3
Php Php
Php Php 5.2.16
Php Php 5.3.4
Php Php 5.2.11
1 EDB exploit
505
VMScore
CVE-2011-3182
PHP prior to 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent malicious users to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveragi...
Php Php 4.3.3
Php Php 4.3.6
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.3.9
Php Php 5.2.8
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.2.9
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.0
Php Php 2.0b10
Php Php 2.0
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0
Php Php 4.0.6
1 EDB exploit
505
VMScore
CVE-2011-1467
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0
Php Php 4.2.0
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.4.8
Php Php 3.0
Php Php 3.0.2
Php Php 3.0.16
Php Php 3.0.9
Php Php 5.2.9
Php Php 5.2.12
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.1.5
1 EDB exploit
505
VMScore
CVE-2010-4645
strtod.c, as used in the zend_strtod function in PHP 5.2 prior to 5.2.17 and 5.3 prior to 5.3.5, and other products, allows context-dependent malicious users to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not prope...
Php Php 5.2.9
Php Php 5.2.14
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.3
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.2.10
Php Php 5.2.15
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.0
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.3.4
1 EDB exploit
505
VMScore
CVE-2010-4409
Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and previous versions allows context-dependent malicious users to cause a denial of service (application crash) via an invalid argument.
Php Php 4.0
Php Php 4.0.0
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.16
Php Php 2.0
Php Php 1.0
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
1 EDB exploit
505
VMScore
CVE-2009-4017
PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote malicious users to cause a denial of service (resource exhaustion), and makes it easier for remote malicious ...
Php Php
Php Php 5.3.0
Debian Debian Linux 5.0
Apple Mac Os X 10.6.3
Debian Debian Linux 4.0
Debian Debian Linux 6.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »