Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.4.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-0754
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP prior to 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat struc...
Php Php 3.0.14
Php Php 3.0.3
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.0
Php Php 4.3.0
Php Php 4.3.4
Php Php 4.3.6
Php Php 4.4.6
Php Php 4.4.7
Php Php 3.0.13
Php Php 3.0.15
Php Php 4.4.4
Php Php 4.3.3
Php Php 1.0
Php Php 2.0
Php Php 3.0.7
Php Php 4.0.2
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.2.0
Php Php 4.3.10
NA
CVE-2010-4409
Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and previous versions allows context-dependent malicious users to cause a denial of service (application crash) via an invalid argument.
Php Php 4.0
Php Php 4.0.0
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.16
Php Php 2.0
Php Php 1.0
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
1 EDB exploit
NA
CVE-2011-0753
Race condition in the PCNTL extension in PHP prior to 5.3.4, when a user-defined signal handler exists, might allow context-dependent malicious users to cause a denial of service (memory corruption) via a large number of concurrent signals.
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.8
Php Php 4.4.9
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 5.3.0
Php Php 5.3.1
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
NA
CVE-2006-1017
The c-client library 2000, 2001, or 2004 for PHP prior to 4.4.4 and 5.x prior to 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote ma...
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.18
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.3
Php Php 5.1.4
Php Php 3.0.13
Php Php 3.0.14
NA
CVE-2007-1461
The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP prior to 4.4.7, and 5.x prior to 5.2.2, does not implement safemode or open_basedir checks, which allows remote malicious users to read bzip2 archives located outside of the intended directories.
Php Php 5.0.5
Php Php 5.1.1
Php Php 5.1.6
Php Php 5.2.1
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.4
Php Php 5.1.0
Php Php 5.2.0
Php Php
Php Php 4.3.4
Php Php 4.3.6
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.4.3
Php Php 4.0
NA
CVE-2011-1148
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and previous versions allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.3.5
Php Php
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.1
NA
CVE-2011-2202
The rfc1867_post_handler function in main/rfc1867.c in PHP prior to 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote malicious users to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, v...
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
1 EDB exploit
NA
CVE-2007-0906
Multiple buffer overflows in PHP prior to 5.2.1 allow malicious users to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, ...
Php Php 3.0.12
Php Php 3.0.13
Php Php 3.0.3
Php Php 3.0.4
Php Php 4.0.1
Php Php 4.0.7
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.2
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.9
Php Php 4.4.0
NA
CVE-2007-0907
Buffer underflow in PHP prior to 5.2.1 allows malicious users to cause a denial of service via unspecified vectors involving the sapi_header_op function.
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.4
Php Php 3.0.5
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.5
Php Php 5.1.6
Php Php 3.0
Php Php 3.0.15
Php Php 3.0.16
Php Php 3.0.6
Php Php 3.0.7
NA
CVE-2007-0909
Multiple format string vulnerabilities in PHP prior to 5.2.1 might allow malicious users to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.17
Php Php 3.0.18
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.1
Php Php 5.1.2
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.2
Php Php 3.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »