Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.0.1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-1020
The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote malicious users to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected b...
Php Php 4.3.7
Php Php 4.3.8
Php Php 5.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 4.3.6
Php Php 4.3.9
Php Php 5.0.0
1 EDB exploit
5
CVSSv2
CVE-2006-0207
Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote malicious users to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function.
Php Php 5.0
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.0.5
7.2
CVSSv2
CVE-2006-5706
Unspecified vulnerabilities in PHP, probably prior to 5.2.0, allow local users to bypass open_basedir restrictions and perform unspecified actions via unspecified vectors involving the (1) chdir and (2) tempnam functions. NOTE: the tempnam vector might overlap CVE-2006-1494.
Php Php 5.0.1
Php Php 5.0
Php Php
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.0.0
Php Php 5.1.0
7.5
CVSSv2
CVE-2006-5465
Buffer overflow in PHP prior to 5.2.0 allows remote malicious users to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.
Php Php 5.0.0
Php Php 5.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 5.0.5
Php Php 5.1.4
Php Php 5.1.5
Php Php
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.2
Php Php 5.1.3
5.1
CVSSv2
CVE-2007-1824
Buffer overflow in the php_stream_filter_create function in PHP 5 prior to 5.2.1 allows remote malicious users to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the '.' character.
Php Php 5.0.5
Php Php 5.1.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.0
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.1.6
Php Php 5.2.0
5
CVSSv2
CVE-2007-1452
The FDF support (ext/fdf) in PHP 5.2.0 and previous versions does not implement the input filtering hooks for ext/filter, which allows remote malicious users to bypass web site filters via an application/vnd.fdf formatted POST.
Php Php 5.0.0
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.1.5
Php Php 5.0.1
Php Php 5.1.6
1 EDB exploit
6.8
CVSSv2
CVE-2007-2872
Multiple integer overflows in the chunk_split function in PHP 5 prior to 5.2.3 and PHP 4 prior to 4.4.8 allow remote malicious users to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.
Php Php 5.1.5
Php Php 5.1.2
Php Php 5.1.1
Php Php 5.1.6
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.1
Php Php 5.1.4
Php Php 5.0.4
Php Php
Php Php 5.0.3
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.1.3
Php Php 5.0.2
Php Php 5.2.1
Php Php 5.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-2107
The GENERATE_SEED macro in PHP 4.x prior to 4.4.8 and 5.x prior to 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent malicious users to predict subsequent values of the ...
Php Php 5
Php Php 5.0.0
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.5
Php Php 5.1.6
Php Php 5.0.1
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.4
Php Php
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.2.2
Php Php 5.2.3
7.5
CVSSv2
CVE-2008-5625
PHP 5 prior to 5.2.7 does not enforce the error_log safe_mode restrictions when safe_mode is enabled through a php_admin_flag setting in httpd.conf, which allows context-dependent malicious users to write to arbitrary files by placing a "php_value error_log" entry in a ...
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.0.0
Php Php
Php Php 5.2.5
Php Php 5.1.6
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.2.3
Php Php 5.2.4
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.1.5
Php Php 5.1.4
Php Php 5.0.3
Php Php 5.0.2
Php Php 5.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-5658
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and previous versions allows context-dependent malicious users to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.
Php Php 5.2.0
Php Php 5.1.6
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.0
Php Php
Php Php 5.1.5
Php Php 5.1.4
Php Php 5.0.3
Php Php 5.0.2
Php Php 5.2.5
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.1.3
Php Php 5.1.2
Php Php 5.0.1
Php Php 5.2.2
Php Php 5.2.1
Php Php 5.1.1
Php Php 5.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »