Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-4418
The unserialize function in PHP 5.3.0 and previous versions allows context-dependent malicious users to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences.
Php Php 5.2.11
Php Php 5.2.7
Php Php 5.2.9
Php Php 5.1.2
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.0
Php Php 5.1.1
Php Php 5.2.1
Php Php 5.2.2
Php Php 5
Php Php 5.2.10
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.1.0
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.1.6
Php Php 5.2.0
Php Php 5.2.5
5
CVSSv2
CVE-2009-4017
PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote malicious users to cause a denial of service (resource exhaustion), and makes it easier for remote malicious ...
Php Php
Php Php 5.3.0
Debian Debian Linux 5.0
Apple Mac Os X 10.6.3
Debian Debian Linux 4.0
Debian Debian Linux 6.0
1 EDB exploit
5
CVSSv2
CVE-2008-5498
Array index error in the imageRotate function in PHP 5.2.8 and previous versions allows context-dependent malicious users to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.0
Php Php 5.0.2
Php Php 5.0.1
Php Php 5.0.0
Php Php 5.2.6
Php Php 5.2.5
Php Php 5.1.6
Php Php 5.2.0
Php Php 5.0.4
Php Php 5.0.3
Php Php
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.5
Php Php 5
Php Php 5.2.7
Php Php 5.2.4
Php Php 5.2.3
1 EDB exploit
5
CVSSv2
CVE-2008-2666
Multiple directory traversal vulnerabilities in PHP 5.2.6 and previous versions allow context-dependent malicious users to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to the (1) chdir ...
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.0
Php Php 5.1.6
Php Php 5.2.0
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.2.5
Php Php
1 EDB exploit
5
CVSSv2
CVE-2007-1717
The mail function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 truncates e-mail messages at the first ASCIIZ ('\0') byte, which might allow context-dependent malicious users to prevent intended information from being delivered in e-mail mes...
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.5
Php Php 4.0.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.1
Php Php 4.1.0
1 EDB exploit
5
CVSSv2
CVE-2007-1452
The FDF support (ext/fdf) in PHP 5.2.0 and previous versions does not implement the input filtering hooks for ext/filter, which allows remote malicious users to bypass web site filters via an application/vnd.fdf formatted POST.
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.1
Php Php 5.1.6
1 EDB exploit
5
CVSSv2
CVE-2007-1380
The php_binary serialization handler in the session extension in PHP prior to 4.4.5, and 5.x prior to 5.2.1, allows context-dependent malicious users to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buff...
Php Php 4.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.1
Php Php 5.1.2
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.1.0
Php Php 4.2
Php Php 4.3.0
Php Php 4.3.6
Php Php 4.3.7
1 EDB exploit
5
CVSSv2
CVE-2006-7087
CRLF injection vulnerability in the mail function in Dotdeb PHP prior to 5.2.0 Rev 3 allows remote malicious users to bypass the protection scheme and inject arbitrary email headers via CRLF sequences in the query string, which is processed via the PHP_SELF variable.
Dotdeb Dotdeb Php 4.4
Dotdeb Dotdeb Php 5.0
Dotdeb Dotdeb Php 5.1
Dotdeb Dotdeb Php 5.2
Dotdeb Dotdeb Php 4.4.3
Dotdeb Dotdeb Php 4.4.4
5
CVSSv2
CVE-2007-0907
Buffer underflow in PHP prior to 5.2.1 allows malicious users to cause a denial of service via unspecified vectors involving the sapi_header_op function.
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.4
Php Php 3.0.5
Php Php 4.0.1
Php Php 4.0.7
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.0.5
Php Php 5.0
Php Php 5.1.5
Php Php 5.1.6
Php Php 3.0
Php Php 3.0.15
Php Php 3.0.16
Php Php 3.0.6
Php Php 3.0.7
5
CVSSv2
CVE-2006-1490
PHP prior to 5.1.3-RC1 might allow remote malicious users to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NO...
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
Php Php 5.0.1
Php Php 4.0.7
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »