Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-1777
Integer overflow in the zip_read_entry function in PHP 4 prior to 4.4.5 allows remote malicious users to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overfl...
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 4.3.6
Php Php 3.0.13
Php Php 4.0.7
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
Php Php 3.0.7
Php Php 4.3.2
1 EDB exploit
685
VMScore
CVE-2007-1582
The resource system in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error ...
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
1 EDB exploit
505
VMScore
CVE-2007-1717
The mail function in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 truncates e-mail messages at the first ASCIIZ ('\0') byte, which might allow context-dependent malicious users to prevent intended information from being delivered in e-mail mes...
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
1 EDB exploit
685
VMScore
CVE-2007-1001
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 up to and including 4.4.6 and 5.0.0 up to and including 5.2.1 allow context-dependent malicious users to execute arbitrary code via Wireless Bitmap (WBMP) ...
Php Php 4.3.9
Php Php 4.0
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 4.4.4
Php Php 5.0.0
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 5.0.5
Php Php 4.3.6
Php Php 5.0.1
Php Php 5.1.4
Php Php 4.0.7
Php Php 4.3.7
Php Php 5.0.4
1 EDB exploit
445
VMScore
CVE-2009-3557
The tempnam function in ext/standard/file.c in PHP prior to 5.2.12 and 5.3.x prior to 5.3.1 allows context-dependent malicious users to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.
Php Php 4.4.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 3.0.13
Php Php 5.2.5
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
Php Php 3.0.7
Php Php 4.3.2
Php Php 4.3.11
828
VMScore
CVE-2006-3017
zend_hash_del_key_or_index in zend_hash.c in PHP prior to 4.4.3 and 5.x prior to 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be use...
Php Php 4.3.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
Php Php 5.0.1
668
VMScore
CVE-2011-1148
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and previous versions allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.
Php Php 4.3.9
Php Php 4.4.9
Php Php 3.0
Php Php 4.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.3.1
Php Php 4.2.0
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 3.0.8
Php Php 4.3.6
Php Php 3.0.13
Php Php 4.3.7
Php Php 4.2.2
Php Php 4.4.2
668
VMScore
CVE-2007-0906
Multiple buffer overflows in PHP prior to 5.2.1 allow malicious users to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, ...
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
445
VMScore
CVE-2007-0907
Buffer underflow in PHP prior to 5.2.1 allows malicious users to cause a denial of service via unspecified vectors involving the sapi_header_op function.
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
668
VMScore
CVE-2007-0909
Multiple format string vulnerabilities in PHP prior to 5.2.1 might allow malicious users to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.5
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 4.4.4
Php Php 4.1.0
Php Php 5.1.6
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »