Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2008-5658
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and previous versions allows context-dependent malicious users to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.
Php Php 5.2.0
Php Php 5.1.6
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.0
Php Php
Php Php 5.1.5
Php Php 5.1.4
Php Php 5.0.3
Php Php 5.0.2
Php Php 5.2.5
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.0.1
Php Php 5.2.2
Php Php 5.2.1
Php Php 5.1.1
Php Php 5.1.0
668
VMScore
CVE-2008-5624
PHP 5 prior to 5.2.7 does not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function, which allows context-dependent malicious users to bypass safe_mode restrictions via variable settings that are intended to be restricted to root, ...
Php Php 5.2.0
Php Php 5.2.7
Php Php 5.1.6
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.5
Php Php 5.1.4
Php Php 5.0.2
Php Php 5.0.1
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.1.1
Php Php 5.1.0
668
VMScore
CVE-2008-3658
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x prior to 4.4.9 and PHP 5.2 prior to 5.2.6-r6 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.2.0
Php Php 5.2.1
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.2.2
Php Php 5.2.3
Php Php 4.4.4
Php Php 4.4.5
Php Php 4.4.6
Php Php 5.2.4
Php Php 5.2.5
Php Php 4.4.7
Php Php 4.4.8
Php Php 5.2.6
668
VMScore
CVE-2008-2107
The GENERATE_SEED macro in PHP 4.x prior to 4.4.8 and 5.x prior to 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent malicious users to predict subsequent values of the ...
Php Php 5
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.5
Php Php 5.1.6
Php Php 5.0.1
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.4
Php Php
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.2.2
Php Php 5.2.3
668
VMScore
CVE-2008-2108
The GENERATE_SEED macro in PHP 4.x prior to 4.4.8 and 5.x prior to 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force ...
Php Php
Fedoraproject Fedora 9
Fedoraproject Fedora 8
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
668
VMScore
CVE-2007-4657
Multiple integer overflows in PHP 4 prior to 4.4.8, and PHP 5 prior to 5.2.4, allow remote malicious users to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers...
Php Php
Debian Debian Linux 4.0
Debian Debian Linux 3.1
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
668
VMScore
CVE-2007-4658
The money_format function in PHP 5 prior to 5.2.4, and PHP 4 prior to 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.2.0
Php Php 5.1.4
Php Php 5.1.0
Php Php 5.2.12
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.11
Php Php 5.0.5
Php Php 5.2.13
Php Php 5.1.6
Php Php 5.2.3
Php Php 5.2.10
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.1
Php Php 5.1.5
Php Php 5.2.14
668
VMScore
CVE-2007-4659
The zend_alter_ini_entry function in PHP prior to 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors.
Php Php
668
VMScore
CVE-2007-4660
Unspecified vulnerability in the chunk_split function in PHP prior to 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation.
Php Php
668
VMScore
CVE-2007-4662
Buffer overflow in the php_openssl_make_REQ function in PHP prior to 5.2.4 has unknown impact and attack vectors.
Php Php
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »