Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4697
Use-after-free vulnerability in the Zend engine in PHP prior to 5.2.15 and 5.3.x prior to 5.3.4 might allow context-dependent malicious users to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset...
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.1.6
NA
CVE-2010-4699
The iconv_mime_decode_headers function in the Iconv extension in PHP prior to 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote malicious users to trigger an incomplete output array...
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.7
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.16
Php Php 2.0
Php Php 1.0
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.17
NA
CVE-2010-4645
strtod.c, as used in the zend_strtod function in PHP 5.2 prior to 5.2.17 and 5.3 prior to 5.3.5, and other products, allows context-dependent malicious users to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not prope...
Php Php 5.2.9
Php Php 5.2.14
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.3
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.2.10
Php Php 5.2.15
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.0
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.3.4
1 EDB exploit
NA
CVE-2010-4150
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 prior to 5.2.15 and 5.3 prior to 5.3.4 allows malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.3.2
Php Php 5.2.11
Php Php 5.2.0
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.2
Php Php 5.3.3
Php Php 5.2.14
Php Php 5.2.1
NA
CVE-2009-5016
Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP prior to 5.2.11 makes it easier for remote malicious users to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string that uses overlong UTF-8 encoding, a different vul...
Php Php 5.0.0
Php Php 5.1.1
Php Php 5.1.2
Php Php
Php Php 4.0
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.3.7
Php Php 4.4.4
Php Php 4.4.5
Php Php 3.0.13
Php Php 3.0.12
Php Php 3.0.14
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.5
Php Php 5.1.6
Php Php 4.0.2
NA
CVE-2010-4097
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) mail, (2) title, (3) u, and (4) url parameters. NOTE: the q parameter is already covered by CV...
Avatic Aardvark Topsites Php 5.2.1
Avatic Aardvark Topsites Php 5.2.0
NA
CVE-2010-3710
Stack consumption vulnerability in the filter_var function in PHP 5.2.x up to and including 5.2.14 and 5.3.x up to and including 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote malicious users to cause a denial of service (memory consumption and application crash) v...
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.13
Php Php 5.2.11
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.9
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.3.3
Php Php 5.3.0
NA
CVE-2010-2484
The strrchr function in PHP 5.2 prior to 5.2.14 allows context-dependent malicious users to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler.
Php Php 5.2.11
Php Php 5.2.5
Php Php 5.2.2
Php Php 5.2.9
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.2.13
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.3
Php Php 5.2.1
NA
CVE-2010-3065
The default session serializer in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent malicious users to modify arbitrary session variables via a crafted session variable name.
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.13
Php Php 5.3.0
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.9
Php Php 5.2.10
NA
CVE-2010-2225
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x up to and including 5.3.2 allows remote malicious users to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »