Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.2.9 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1129
The safe_mode implementation in PHP prior to 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent malicious users to bypass intended access restrictions via vectors related to use of the tempnam function.
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.11
NA
CVE-2010-2484
The strrchr function in PHP 5.2 prior to 5.2.14 allows context-dependent malicious users to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler.
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.11
Php Php 5.2.12
NA
CVE-2010-1128
The Linear Congruential Generator (LCG) in PHP prior to 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent malicious users to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniq...
Php Php
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.10
1 EDB exploit
NA
CVE-2010-2093
Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 prior to 5.2.13 and 5.3 prior to 5.3.2 allows context-dependent malicious users to cause a denial of service (crash) via a stream context structure that is freed before destruction occurs.
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.11
NA
CVE-2010-2190
The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents) by causing a userspace interruption of an interna...
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.11
NA
CVE-2010-3065
The default session serializer in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent malicious users to modify arbitrary session variables via a crafted session variable name.
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.11
NA
CVE-2010-2097
The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents) by causing a userspace interruption o...
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.11
NA
CVE-2010-2100
The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_build_query, (5) strpbrk, and (6) strtr functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents)...
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.11
NA
CVE-2010-2191
The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependen...
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.11
NA
CVE-2010-2101
The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) str_word_count, and (6) str_pad functions in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to obtain sensitive information (memory contents) by causing ...
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.2.7
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.2.10
Php Php 5.2.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SQL injection
CVE-2024-52320
SQL
logic flaw
CVE-2024-6387
CVE-2024-11457
CVE-2024-11329
CVE-2024-50404
CVE-2023-48788
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »