Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-5465
Buffer overflow in PHP prior to 5.2.0 allows remote malicious users to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.
Php Php 5.0.0
Php Php 5.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.0.5
Php Php 5.1.4
Php Php 5.1.5
Php Php
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.2
Php Php 5.1.3
7.5
CVSSv2
CVE-2006-5123
Multiple PHP remote file inclusion vulnerabilities in Albrecht Guenther PHProjekt 5.1.x prior to 5.1.2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) lib_path or (2) lang_path parameter in unspecified files, related to code changes intended to fix...
Phprojekt Phprojekt 5.0.2
Phprojekt Phprojekt 5.1
Phprojekt Phprojekt 5.0
Phprojekt Phprojekt 5.0.1
Phprojekt Phprojekt 5.1 Beta
Phprojekt Phprojekt
7.5
CVSSv2
CVE-2006-4905
PHP remote file inclusion vulnerability in index.php in Artmedic Links 5.0 allows remote malicious users to execute arbitrary PHP code via a URL in the id parameter, which is processed by the readfile function.
Artmedic Webdesign Artmedic Links 5.0
7.5
CVSSv2
CVE-2006-4433
PHP prior to 4.4.3 and 5.x prior to 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote malicious users to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, whic...
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 4.0.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0
7.5
CVSSv2
CVE-2006-1767
Multiple PHP remote file inclusion vulnerabilities in nicecoder.com INDEXU 5.0.0 and 5.0.1 allow remote malicious users to execute arbitrary PHP code via a URL in the theme_path parameter in (1) index.php, (2) become_editor.php, (3) add.php, (4) bad_link.php, (5) browse.php, (6) ...
Nicecoder Indexu 5.0
Nicecoder Indexu 5.0.1
2 EDB exploits
7.5
CVSSv2
CVE-2005-3390
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote malicious users to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS&...
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 5.0.2
Php Php 5.0.3
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2005-3159
SQL injection vulnerability in messages.php in PHP-Fusion allows remote malicious users to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158.
1 EDB exploit
7.5
CVSSv2
CVE-2005-2491
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) prior to 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows malicious users to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-base...
Pcre Pcre 5.0
Pcre Pcre 6.0
Pcre Pcre 6.1
7.5
CVSSv2
CVE-2005-0775
The reportpost action in misc.php for PhotoPost PHP 5.0 RC3 does not limit the logging data that is sent to the administrator, which allows remote malicious users to send large amounts of email to the administrator.
Photopost Photopost Php Pro 5.0 Rc3
7.5
CVSSv2
CVE-2005-0774
SQL injection vulnerability in member.php and possibly other scripts in PhotoPost PHP 5.0 RC3 allows remote malicious users to execute arbitrary SQL commands via the uid parameter.
Photopost Photopost Php Pro 5.0 Rc3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »