Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-20148
In WordPress prior to 4.9.9 and 5.x prior to 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-i...
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
2 Github repositories
668
VMScore
CVE-2011-1480
SQL injection vulnerability in admin.php in the administration backend in Francisco Burzi PHP-Nuke 8.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the chng_uid parameter.
Phpnuke Php-nuke 5.6
Phpnuke Php-nuke 7.3
Phpnuke Php-nuke 7.4
Phpnuke Php-nuke 7.1
Phpnuke Php-nuke 5.0.1
Phpnuke Php-nuke 5.5
Phpnuke Php-nuke 7.9
Phpnuke Php-nuke 5.3
Phpnuke Php-nuke 6.9
Phpnuke Php-nuke 5.3.1
Phpnuke Php-nuke 5.0
Phpnuke Php-nuke 6.8
Phpnuke Php-nuke 6.6
Phpnuke Php-nuke 7.5
Phpnuke Php-nuke 7.2
Phpnuke Php-nuke 7.7
Phpnuke Php-nuke
Phpnuke Php-nuke 5.2
Phpnuke Php-nuke 7.8
Phpnuke Php-nuke 6.0
Phpnuke Php-nuke 6.7
Phpnuke Php-nuke 7.0
668
VMScore
CVE-2009-3291
The php_openssl_apply_verification_policy function in PHP prior to 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.
Php Php 4.3.6
Php Php 4.3.5
Php Php 4.3.0
Php Php 5.0.0
Php Php 4.3.7
Php Php 4.4.4
Php Php 5.1.0
Php Php 5.0.2
Php Php 4.4.9
Php Php 4.2
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.14
Php Php 3.0.17
Php Php 3.0.16
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0
Php Php 4.0.1
Php Php 4.1.2
Php Php 4.0.7
Php Php 5.2.9
668
VMScore
CVE-2009-3292
Unspecified vulnerability in PHP prior to 5.2.11, and 5.3.x prior to 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
Php Php 4.3.2
Php Php 4.3.11
Php Php 4.2.3
Php Php 5.0
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 1.0
Php Php 2.0b10
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.3
Php Php 4.0.7
Php Php 5.1.4
Php Php 5.1.5
668
VMScore
CVE-2009-3293
Unspecified vulnerability in the imagecolortransparent function in PHP prior to 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index."
Php Php 4.3.6
Php Php 4.3.5
Php Php 4.2.0
Php Php 4.4.5
Php Php 5.0.0
Php Php 4.3.7
Php Php 4.4.4
Php Php 5.1.0
Php Php 5.0.5
Php Php 5.0.2
Php Php 5.0.1
Php Php 4.2
Php Php 4.4.9
Php Php 3.0.1
Php Php 3.0
Php Php 3.0.17
Php Php 3.0.16
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0
Php Php 4.0.6
Php Php 4.0.1
668
VMScore
CVE-2008-6728
SQL injection vulnerability in the Sections module in PHP-Nuke, probably prior to 8.0, allows remote malicious users to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
Phpnuke Php-nuke 7.1
Phpnuke Php-nuke 7.2
Phpnuke Php-nuke 7.0
Phpnuke Php-nuke 6.5
Phpnuke Php-nuke 5.6
Phpnuke Php-nuke 5.4
Phpnuke Php-nuke 5.5
Phpnuke Php-nuke 7.6
Phpnuke Php-nuke 7.5
Phpnuke Php-nuke 5.3
Phpnuke Php-nuke 5.3.1
Phpnuke Php-nuke 6.9
Phpnuke Php-nuke
Phpnuke Php-nuke 7.4
Phpnuke Php-nuke 7.3
Phpnuke Php-nuke 5.1
Phpnuke Php-nuke 5.2
Phpnuke Php-nuke 6.7
Phpnuke Php-nuke 6.8
Phpnuke Php-nuke 7.8
Phpnuke Php-nuke 7.7
Phpnuke Php-nuke 5.0
668
VMScore
CVE-2007-1864
Buffer overflow in the bundled libxmlrpc library in PHP prior to 4.4.7, and 5.x prior to 5.2.2, has unknown impact and remote attack vectors.
Php Php
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Server 5.0
668
VMScore
CVE-2007-1885
Integer overflow in the str_replace function in PHP 4 prior to 4.4.5 and PHP 5 prior to 5.2.1 allows context-dependent malicious users to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length cou...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.0.3
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 4.4.3
Php Php 4.4.4
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.4
Php Php 5.1.5
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
668
VMScore
CVE-2007-1888
Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x up to and including 5.x and other applications, allows context-dependent malicious users to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installat...
Php Php 4.0.1
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
668
VMScore
CVE-2007-0905
PHP prior to 5.2.1 allows malicious users to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.18
Php Php 3.0.8
Php Php 3.0.9
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »