Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-1657
The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent malicious users to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND.
Php Php 5.3.6
NA
CVE-2011-1938
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 up to and including 5.3.6 might allow context-dependent malicious users to execute arbitrary code via a long pathname for a UNIX socket.
Php Php 5.3.4
Php Php 5.3.5
Php Php 5.3.3
Php Php 5.3.6
2 EDB exploits
NA
CVE-2011-1398
The sapi_header_op function in main/SAPI.c in PHP prior to 5.3.11 and 5.4.x prior to 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote malicious users to bypass an HTTP response-splitting protection mechanism via a crafted URL, relate...
Php Php 5.3.7
Php Php 5.3.6
Php Php 5.3.5
Php Php 5.3.9
Php Php 5.3.8
Php Php 5.3.0
Php Php
Php Php 5.3.2
Php Php 5.3.1
Php Php 5.3.4
Php Php 5.3.3
1 EDB exploit
NA
CVE-2012-3450
pdo_sql_parser.re in the PDO extension in PHP prior to 5.3.14 and 5.4.x prior to 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote malicious users to cause a denial of service (out-of-bounds read and applicati...
Php Php 5.3.11
Php Php 5.3.4
Php Php 5.3.9
Php Php 5.3.2
Php Php 5.3.12
Php Php 5.3.8
Php Php 5.3.6
Php Php 5.3.5
Php Php 5.4.2
Php Php 5.4.3
Php Php 5.3.1
Php Php 5.3.7
Php Php 5.4.0
Php Php 5.4.1
Php Php 5.3.3
Php Php 5.3.0
Php Php 5.3.10
Php Php
1 EDB exploit
NA
CVE-2011-1468
Multiple memory leaks in the OpenSSL extension in PHP prior to 5.3.6 might allow remote malicious users to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.8
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.7
Php Php 3.0.8
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.2.4
Php Php 5.1.3
2 EDB exploits
NA
CVE-2011-1092
Integer overflow in ext/shmop/shmop.c in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.0
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.1
Php Php 3.0
Php Php 3.0.17
1 EDB exploit
NA
CVE-2011-2202
The rfc1867_post_handler function in main/rfc1867.c in PHP prior to 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote malicious users to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, v...
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
1 EDB exploit
NA
CVE-2012-0057
PHP prior to 5.3.9 has improper libxslt security settings, which allows remote malicious users to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
Php Php 5.3.4
Php Php 5.3.6
Php Php 5.3.0
Php Php 5.3.1
Php Php 5.2.10
Php Php 5.2.13
Php Php 5.2.4
Php Php 5.2.3
Php Php 5.1.1
Php Php 5.1.0
Php Php 5.0.0
Php Php
Php Php 5.2.15
Php Php 5.2.9
Php Php 5.2.7
Php Php 5.2.0
Php Php 5.2.17
Php Php 5.2.2
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.1
Php Php 5.3.7
NA
CVE-2012-0789
Memory leak in the timezone functionality in PHP prior to 5.3.9 allows remote malicious users to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.
Php Php 5.2.15
Php Php 5.3.3
Php Php 5.2.9
Php Php 5.2.8
Php Php 5.2.1
Php Php 5.2.0
Php Php 5.0.5
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.0.0
Php Php 5.3.5
Php Php 5.2.17
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.5
Php Php 5.2.4
Php Php 5.1.4
Php Php 5.1.3
Php Php
Php Php 5.2.16
Php Php 5.3.4
Php Php 5.2.11
1 EDB exploit
NA
CVE-2012-0788
The PDORow implementation in PHP prior to 5.3.9 does not properly interact with the session feature, which allows remote malicious users to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start ...
Php Php 5.2.15
Php Php 5.3.3
Php Php 5.2.14
Php Php 5.2.9
Php Php 5.2.8
Php Php 5.2.1
Php Php 5.2.0
Php Php 5.3.5
Php Php 5.2.17
Php Php 5.3.0
Php Php 5.2.12
Php Php 5.2.5
Php Php 5.2.4
Php Php 5.1.4
Php Php 5.1.3
Php Php 5.0.0
Php Php
Php Php 5.0.4
Php Php 5.0.3
Php Php 5.3.7
Php Php 5.3.6
Php Php 5.3.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »