Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 4.4.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4409
Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and previous versions allows context-dependent malicious users to cause a denial of service (application crash) via an invalid argument.
Php Php 4.0
Php Php 4.0.0
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.16
Php Php 2.0
Php Php 1.0
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
1 EDB exploit
NA
CVE-2011-0753
Race condition in the PCNTL extension in PHP prior to 5.3.4, when a user-defined signal handler exists, might allow context-dependent malicious users to cause a denial of service (memory corruption) via a large number of concurrent signals.
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.8
Php Php 4.4.9
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 5.3.0
Php Php 5.3.1
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
NA
CVE-2011-0754
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP prior to 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat struc...
Php Php 3.0.14
Php Php 3.0.3
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.0
Php Php 4.3.0
Php Php 4.3.4
Php Php 4.3.6
Php Php 4.4.6
Php Php 4.4.7
Php Php 3.0.13
Php Php 3.0.15
Php Php 4.4.4
Php Php 4.3.3
Php Php 1.0
Php Php 2.0
Php Php 3.0.7
Php Php 4.0.2
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.2.0
Php Php 4.3.10
NA
CVE-2007-1461
The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP prior to 4.4.7, and 5.x prior to 5.2.2, does not implement safemode or open_basedir checks, which allows remote malicious users to read bzip2 archives located outside of the intended directories.
Php Php 5.0.5
Php Php 5.1.1
Php Php 5.1.6
Php Php 5.2.1
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.4
Php Php 5.1.0
Php Php 5.2.0
Php Php
Php Php 4.3.4
Php Php 4.3.6
Php Php 4.3.0
Php Php 4.3.8
Php Php 4.4.3
Php Php 4.0
NA
CVE-2006-3016
Unspecified vulnerability in session.c in PHP prior to 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XS...
Php Group Php
NA
CVE-2011-1148
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and previous versions allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.3.5
Php Php
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.1
NA
CVE-2011-2202
The rfc1867_post_handler function in main/rfc1867.c in PHP prior to 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote malicious users to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, v...
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
1 EDB exploit
NA
CVE-2007-0905
PHP prior to 5.2.1 allows malicious users to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.18
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.2
NA
CVE-2007-0909
Multiple format string vulnerabilities in PHP prior to 5.2.1 might allow malicious users to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.17
Php Php 3.0.18
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.1
Php Php 5.1.2
Php Php 3.0.11
Php Php 3.0.12
Php Php 3.0.2
Php Php 3.0.3
NA
CVE-2007-0910
Unspecified vulnerability in PHP prior to 5.2.1 allows malicious users to "clobber" certain super-global variables via unspecified vectors.
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.2
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »