Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 2.0b10 vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv2
CVE-2011-0754
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP prior to 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat struc...
Php Php
Php Php 1.0
Php Php 2.0
Php Php 2.0b10
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 3.0.3
Php Php 3.0.4
Php Php 3.0.5
Php Php 3.0.6
Php Php 3.0.7
Php Php 3.0.8
Php Php 3.0.9
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.16
Php Php 3.0.17
4.4
CVSSv2
CVE-2007-4652
The session extension in PHP prior to 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.2.2
Php Php 3.0.8
1 EDB exploit
4.3
CVSSv2
CVE-2011-0708
exif.c in the Exif extension in PHP prior to 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote malicious users to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.2.4
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 4.3.4
1 EDB exploit
4.3
CVSSv2
CVE-2011-0421
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP prior to 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent malicious users to cause a denial of service (NULL pointer dereference) via an empty ZIP...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.2.4
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 4.3.4
1 EDB exploit
4.3
CVSSv2
CVE-2011-1464
Buffer overflow in the strval function in PHP prior to 5.3.6, when the precision configuration option has a large value, might allow context-dependent malicious users to cause a denial of service (application crash) via a small numerical value in the argument.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.2.4
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 4.3.4
4.3
CVSSv2
CVE-2011-1468
Multiple memory leaks in the OpenSSL extension in PHP prior to 5.3.6 might allow remote malicious users to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.2.4
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 4.3.4
2 EDB exploits
4.3
CVSSv2
CVE-2011-1469
Unspecified vulnerability in the Streams component in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.2.4
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 4.3.4
4.3
CVSSv2
CVE-2011-1470
The Zip extension in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.2.4
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 4.3.4
1 EDB exploit
4.3
CVSSv2
CVE-2011-0753
Race condition in the PCNTL extension in PHP prior to 5.3.4, when a user-defined signal handler exists, might allow context-dependent malicious users to cause a denial of service (memory corruption) via a large number of concurrent signals.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.1
Php Php 4.2.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 4.3.6
Php Php 3.0.13
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
4.3
CVSSv2
CVE-2009-4142
The htmlspecialchars function in PHP prior to 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote malicious users to conduct cross-site scripting (XSS) attacks by placing a crafted by...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.2.2
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »