Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.5 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2011-1467
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0
Php Php 4.2.0
Php Php 4.3.10
Php Php 4.3.11
Php Php 4.3.8
Php Php 4.3.9
Php Php 4.4.6
Php Php 4.4.7
Php Php 4.4.8
Php Php 3.0
Php Php 3.0.2
Php Php 3.0.16
Php Php 3.0.9
Php Php 5.2.9
Php Php 5.2.12
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.1.5
1 EDB exploit
445
VMScore
CVE-2006-7243
PHP prior to 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent malicious users to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists...
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.8
Php Php 5.2.3
Php Php 5.2.4
2 Articles
294
VMScore
CVE-2011-1144
The installer in PEAR 1.9.2 and previous versions allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnerability exists be...
Php Pear 1.0
Php Pear 1.0.1
Php Pear 1.2
Php Pear 1.3.4
Php Pear 1.3.3.1
Php Pear 1.3
Php Pear 1.4.0
Php Pear 1.9.1
Php Pear 1.6.1
Php Pear 1.5.1
Php Pear 1.3.6
Php Pear 1.3.5
Php Pear
Php Pear 0.2.2
Php Pear 0.9
Php Pear 0.90
Php Pear 1.2.1
Php Pear 1.3.3
Php Pear 1.3.1
Php Pear 1.4.1
Php Pear 1.5.0
Php Pear 0.10
294
VMScore
CVE-2011-1072
The installer in PEAR prior to 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519.
Php Pear 0.11
Php Pear 1.0
Php Pear 1.2
Php Pear 1.3.6
Php Pear 1.3.5
Php Pear 1.4.0
Php Pear 0.90
Php Pear 0.10
Php Pear 1.2.1
Php Pear 1.1
Php Pear 1.3
Php Pear 1.4.2
Php Pear 0.2.2
Php Pear 0.9
Php Pear 1.0.1
Php Pear 1.3.3
Php Pear 1.3.1
Php Pear 1.4.1
Php Pear
Php Pear 1.6.1
Php Pear 1.3.4
Php Pear 1.3.3.1
435
VMScore
CVE-2011-1471
Integer signedness error in zip_stream.c in the Zip extension in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls.
Php Php
1 EDB exploit
383
VMScore
CVE-2012-2317
The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in the php5 package prior to 5.3.3-7+squeeze4 in Debian GNU/Linux squeeze, the php5 package prior to 5.3.2-1ubuntu4.17 in Ubuntu 10.04 LTS, and the php5 package prior to 5.3.5-1ubuntu7.10 in Ubuntu 11.04, does not p...
Debian Php5-common 5.3.3-7\\+squeeze4
Debian Php5-common
Debian Debian Linux
Canonical Ubuntu Linux 10.04
Canonical Php5 5.3.2-1ubuntu4.17
Canonical Php5
Canonical Php5 5.3.5-1ubuntu7.10
Canonical Ubuntu Linux 11.04
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5