Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.2 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2013-1643
The SOAP parser in PHP prior to 5.3.23 and 5.4.x prior to 5.4.13 allows remote malicious users to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the ...
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php
Php Php 5.2.9
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.10
Php Php 5.1.5
Php Php 5.3.6
Php Php 5.3.9
Php Php 5.1.2
Php Php 5.3.1
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 5.3.18
Php Php 5.2.14
Php Php 3.0.2
Php Php 4.4.4
Php Php 5.0.0
445
VMScore
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.3.11
Php Php 5.3.12
Php Php 5.3.2
Php Php 5.3.20
Php Php 5.3.27
Php Php 5.3.28
Php Php 5.3.9
Php Php 5.4.0
Php Php 5.4.13
Php Php 5.4.14
Php Php 5.4.19
Php Php 5.4.2
Php Php 5.4.26
570
VMScore
CVE-2017-11147
In PHP prior to 5.6.30 and 7.x prior to 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.
Php Php
Netapp Clustered Data Ontap -
685
VMScore
CVE-2010-3870
The utf8_decode function in PHP prior to 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote malicious users to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a ...
Php Php
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
1 EDB exploit
755
VMScore
CVE-2010-1866
The dechunk filter in PHP 5.3 up to and including 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent malicious users to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparis...
Php Php
Opensuse Opensuse 11.1
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise 11.0
Suse Linux Enterprise 10.0
1 EDB exploit
383
VMScore
CVE-2012-2317
The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in the php5 package prior to 5.3.3-7+squeeze4 in Debian GNU/Linux squeeze, the php5 package prior to 5.3.2-1ubuntu4.17 in Ubuntu 10.04 LTS, and the php5 package prior to 5.3.5-1ubuntu7.10 in Ubuntu 11.04, does not p...
Debian Php5-common 5.3.3-7\\+squeeze4
Debian Php5-common
Debian Debian Linux
Canonical Ubuntu Linux 10.04
Canonical Php5 5.3.2-1ubuntu4.17
Canonical Php5
Canonical Php5 5.3.5-1ubuntu7.10
Canonical Ubuntu Linux 11.04
NA
CVE-2017-11146
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not an independently fixable security issue relative to CVE-2017-11145. Notes: none
760
VMScore
CVE-2016-8580
PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM prior to 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.
Alienvault Unified Security Management
Alienvault Open Source Security Information And Event Management
2 EDB exploits
668
VMScore
CVE-2005-4227
Multiple "potential" SQL injection vulnerabilities in DCP-Portal 6.1.1 might allow remote malicious users to execute arbitrary SQL commands via (1) the password and username parameters in advertiser.php, (2) the aid parameter in announcement.php, (3) the dcp5_member_id,...
Codeworx Technologies Dcp-portal 4.0
Codeworx Technologies Dcp-portal 4.1
Codeworx Technologies Dcp-portal 5.3
Codeworx Technologies Dcp-portal 5.3.1
Codeworx Technologies Dcp-portal 4.2
Codeworx Technologies Dcp-portal 4.5.1
Codeworx Technologies Dcp-portal 5.3.2
Codeworx Technologies Dcp-portal 6.0
Codeworx Technologies Dcp-portal 3.7
Codeworx Technologies Dcp-portal 5.1
Codeworx Technologies Dcp-portal 5.2
Codeworx Technologies Dcp-portal 5.0.1
Codeworx Technologies Dcp-portal 5.0.2
Codeworx Technologies Dcp-portal 6.1
Codeworx Technologies Dcp-portal 6.1.1
578
VMScore
CVE-2021-32693
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and before 5.3.2. When an application defines multiple firewalls, the token authenticated...
Sensiolabs Symfony
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »