Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2011-1148
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and previous versions allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.3.5
Php Php
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.1
6.4
CVSSv2
CVE-2011-2202
The rfc1867_post_handler function in main/rfc1867.c in PHP prior to 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote malicious users to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, v...
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
1 EDB exploit
6.8
CVSSv2
CVE-2011-4718
Session fixation vulnerability in the Sessions subsystem in PHP prior to 5.5.2 allows remote malicious users to hijack web sessions by specifying a session ID.
Php Php 5.5.0
Php Php 5.2.9
Php Php 5.4.12
Php Php 5.3.10
Php Php 5.3.27
Php Php 5.1.5
Php Php 5.4.15
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 5.3.24
Php Php 5.3.15
Php Php 5.3.8
Php Php 5.2.7
Php Php 5.2.2
7.5
CVSSv2
CVE-2011-1153
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and previous versions allow context-dependent malicious users to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitra...
Php Php 4.3.3
Php Php 4.3.6
Php Php 4.4.7
Php Php 5.0.0
Php Php 5.2.8
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.2.9
Php Php 5.0.3
Php Php 5.1.6
Php Php 5.2.0
Php Php 2.0
Php Php 4.4.8
Php Php 3.0.10
Php Php 3.0.13
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.8
Php Php 3.0.5
Php Php 4.0.6
Php Php 4.0.5
Php Php 5.2.14
6.8
CVSSv2
CVE-2010-4697
Use-after-free vulnerability in the Zend engine in PHP prior to 5.2.15 and 5.3.x prior to 5.3.4 might allow context-dependent malicious users to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset...
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.11
Php Php 5.2.12
Php Php 5.1.6
5
CVSSv2
CVE-2012-1171
The libxml RSHUTDOWN function in PHP 5.x allows remote malicious users to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper.
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.0
Php Php 5.2.14
Php Php 5.2.15
Php Php 5.2.16
Php Php 5.2.17
Php Php 5.3.13
Php Php 5.3.14
Php Php 5.3.15
Php Php 5.3.16
Php Php 5.3.4
Php Php 5.3.5
Php Php 5.3.6
Php Php 5.3.7
Php Php 5.4.14
Php Php 5.4.15
Php Php 5.4.16
Php Php 5.4.17
Php Php 5.4.9
4.3
CVSSv2
CVE-2011-1464
Buffer overflow in the strval function in PHP prior to 5.3.6, when the precision configuration option has a large value, might allow context-dependent malicious users to cause a denial of service (application crash) via a small numerical value in the argument.
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.1
5
CVSSv2
CVE-2011-1466
Integer overflow in the SdnToJulian function in the Calendar extension in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function.
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.0
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 4.4.3
Php Php 3.0.10
Php Php 3.0.13
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 2.0b10
Php Php 5.2.11
Php Php 5.2.5
Php Php 5.2.1
Php Php 5.2.2
5
CVSSv2
CVE-2011-1467
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0
Php Php 4.2.0
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.4.8
Php Php 3.0
Php Php 3.0.2
Php Php 3.0.16
Php Php 3.0.9
Php Php 5.2.9
Php Php 5.2.12
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.1.5
1 EDB exploit
4.3
CVSSv2
CVE-2011-1468
Multiple memory leaks in the OpenSSL extension in PHP prior to 5.3.6 might allow remote malicious users to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.8
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.7
Php Php 3.0.8
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.2.4
Php Php 5.1.3
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »