Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.3 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2013-1643
The SOAP parser in PHP prior to 5.3.23 and 5.4.x prior to 5.4.13 allows remote malicious users to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the ...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
445
VMScore
CVE-2012-3365
The SQLite functionality in PHP prior to 5.3.15 allows remote malicious users to bypass the open_basedir protection mechanism via unspecified vectors.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
445
VMScore
CVE-2011-3720
conceptcms 5.3.1, 5.3.3, and possibly other versions allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by sys_libs/umlib/um_authserver.inc.php and certain oth...
Conceptcms Conceptcms 5.3.1
445
VMScore
CVE-2011-3267
PHP prior to 5.3.7 does not properly implement the error_log function, which allows context-dependent malicious users to cause a denial of service (application crash) via unspecified vectors.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
445
VMScore
CVE-2011-2483
crypt_blowfish prior to 1.1, as used in PHP prior to 5.3.7 on certain platforms, PostgreSQL prior to 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent malicious users to determine a cleartext password by leveraging k...
Php Php
Postgresql Postgresql
Openwall Crypt Blowfish
1 Github repository
445
VMScore
CVE-2011-1657
The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent malicious users to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND.
Php Php 5.3.6
445
VMScore
CVE-2011-1466
Integer overflow in the SdnToJulian function in the Calendar extension in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.2.4
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 5.2.16
Php Php 4.3.4
445
VMScore
CVE-2010-4698
Stack-based buffer overflow in the GD extension in PHP prior to 5.2.15 and 5.3.x prior to 5.3.4 allows context-dependent malicious users to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function.
Php Php 5.3.1
Php Php 5.2.14
Php Php 5.2.2
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.3.0
Php Php 5.2.3
Php Php 5.3.3
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.3.2
Php Php 5.2.10
Php Php 5.2.1
445
VMScore
CVE-2010-4150
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 prior to 5.2.15 and 5.3 prior to 5.3.4 allows malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
Php Php 5.3.1
Php Php 5.2.14
Php Php 5.2.2
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.3.0
Php Php 5.2.3
Php Php 5.3.3
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.3.2
Php Php 5.2.10
Php Php 5.2.1
445
VMScore
CVE-2010-3436
fopen_wrappers.c in PHP 5.3.x up to and including 5.3.3 might allow remote malicious users to bypass open_basedir restrictions via vectors related to the length of a filename.
Php Php
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »