Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.1 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2010-4645
strtod.c, as used in the zend_strtod function in PHP 5.2 prior to 5.2.17 and 5.3 prior to 5.3.5, and other products, allows context-dependent malicious users to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not prope...
Php Php 5.2.9
Php Php 5.2.14
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.3
Php Php 5.2.13
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.2.10
Php Php 5.2.15
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.3.1
Php Php 5.3.0
Php Php 5.3.3
Php Php 5.3.2
Php Php 5.3.4
1 EDB exploit
760
VMScore
CVE-2007-1376
The shmop functions in PHP prior to 4.4.5, and prior to 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent malicious users to read and write arbitrary memory locations via arguments associated with an inappro...
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
2 EDB exploits
505
VMScore
CVE-2008-5498
Array index error in the imageRotate function in PHP 5.2.8 and previous versions allows context-dependent malicious users to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.0
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.2.5
Php Php 5.0.4
Php Php
Php Php 5.2.6
Php Php 5.2.3
Php Php 5.0.3
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.1.3
Php Php 5.0.2
1 EDB exploit
445
VMScore
CVE-2009-4418
The unserialize function in PHP 5.3.0 and previous versions allows context-dependent malicious users to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences.
Php Php 5.2.9
Php Php 5.2.4
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.0
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.2.5
Php Php 5.0.4
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.3
Php Php 5.0.3
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.1.3
505
VMScore
CVE-2010-1130
session.c in the session extension in PHP prior to 5.2.13, and 5.3.1, does not properly interpret ; (semicolon) characters in the argument to the session_save_path function, which allows context-dependent malicious users to bypass open_basedir and safe_mode restrictions via an ar...
Php Php 5.2.9
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.3.1
Php Php 5.1.1
Php Php 5.0.0
Php Php 5.1.6
Php Php 5.2.7
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.2.5
Php Php 5.0.4
Php Php
Php Php 5.2.11
Php Php 5.2.6
Php Php 5.2.3
Php Php 5.0.3
Php Php 5.1.0
Php Php 5.2.13
Php Php 5.2.0
1 EDB exploit
755
VMScore
CVE-2007-1700
The session extension in PHP 4 prior to 4.4.5, and PHP 5 prior to 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent malicious users to execute arbitrary code via a craf...
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
1 EDB exploit
890
VMScore
CVE-2007-0910
Unspecified vulnerability in PHP prior to 5.2.1 allows malicious users to "clobber" certain super-global variables via unspecified vectors.
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
668
VMScore
CVE-2007-0906
Multiple buffer overflows in PHP prior to 5.2.1 allow malicious users to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, ...
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
445
VMScore
CVE-2007-0907
Buffer underflow in PHP prior to 5.2.1 allows malicious users to cause a denial of service via unspecified vectors involving the sapi_header_op function.
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
668
VMScore
CVE-2007-0909
Multiple format string vulnerabilities in PHP prior to 5.2.1 might allow malicious users to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »