Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.5.3 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-4071
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP prior to 5.5.34, 5.6.x prior to 5.6.20, and 7.x prior to 7.0.5 allows remote malicious users to execute arbitrary code via format string specifiers in an SNMP::get call.
Php Php 5.6.1
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.6.12
Php Php 5.6.13
Php Php 5.6.4
Php Php 5.6.6
Php Php 5.6.18
Php Php 5.6.11
Php Php 5.6.2
Php Php 5.6.10
Php Php 5.6.7
Php Php 5.6.15
Php Php 5.6.17
Php Php 5.6.16
Php Php 5.6.9
Php Php 5.6.3
Php Php 5.6.8
Php Php 5.6.14
Php Php 5.6.19
Apple Mac Os X
Php Php 5.5.0
1 EDB exploit
9.8
CVSSv3
CVE-2015-4642
The escapeshellarg function in ext/standard/exec.c in PHP prior to 5.4.42, 5.5.x prior to 5.5.26, and 5.6.x prior to 5.6.10 on Windows allows remote malicious users to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a c...
Php Php
Php Php 5.5.0
Php Php 5.5.1
Php Php 5.5.2
Php Php 5.5.3
Php Php 5.5.4
Php Php 5.5.5
Php Php 5.5.6
Php Php 5.5.7
Php Php 5.5.8
Php Php 5.5.9
Php Php 5.5.10
Php Php 5.5.11
Php Php 5.5.12
Php Php 5.5.13
Php Php 5.5.14
Php Php 5.5.15
Php Php 5.5.16
Php Php 5.5.17
Php Php 5.5.18
Php Php 5.5.19
Php Php 5.5.20
9.1
CVSSv3
CVE-2019-19374
An issue exists in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 before 5.5.0.3, 5.5.1 before 5.5.1.8, 5.5.2 before 5.5.2.4, and 5.5.3 before 5.5.3.3 where a user can delete arbitrary files from th...
Squiz Matrix
8.8
CVSSv3
CVE-2022-2433
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to deserialization of untrusted input via the 'alm_repeaters_export' parameter in versions up to, and including 5.5.3. This makes it possible for unauthenticated users to call files ...
Connekthq Ajax Load More
8.1
CVSSv3
CVE-2016-6174
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) prior to 4.1.13, when used with PHP prior to 5.4.24 or 5.5.x prior to 5.5.8, allows remote malicious users to execute arbitrary code v...
Invisioncommunity Invision Power Board
Php Php 5.5.2
Php Php 5.5.1
Php Php 5.5.0
Php Php 5.5.7
Php Php 5.5.6
Php Php 5.5.5
Php Php 5.5.4
Php Php 5.5.3
Php Php
1 EDB exploit
7.5
CVSSv3
CVE-2019-19373
An issue exists in Squiz Matrix CMS 5.5.0 before 5.5.0.3, 5.5.1 before 5.5.1.8, 5.5.2 before 5.5.2.4, and 5.5.3 before 5.5.3.3 where a user can trigger arbitrary unserialization of a PHP object from a packages/cms/page_templates/page_remote_content/page_remote_content.inc POST pa...
Squiz Matrix
7.5
CVSSv3
CVE-2016-7478
Zend/zend_exceptions.c in PHP, possibly 5.x prior to 5.6.28 and 7.x prior to 7.0.13, allows remote malicious users to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.13
Php Php 5.2.14
Php Php 5.2.5
Php Php 5.2.6
Php Php 5.3.11
Php Php 5.3.12
Php Php 5.3.2
Php Php 5.3.20
Php Php 5.3.27
Php Php 5.3.28
Php Php 5.3.9
Php Php 5.4.0
Php Php 5.4.13
Php Php 5.4.14
Php Php 5.4.19
Php Php 5.4.2
Php Php 5.4.26
7.1
CVSSv3
CVE-2016-3185
The make_http_soap_request function in ext/soap/php_http.c in PHP prior to 5.4.44, 5.5.x prior to 5.5.28, 5.6.x prior to 5.6.12, and 7.x prior to 7.0.4 allows remote malicious users to obtain sensitive information from process memory or cause a denial of service (type confusion a...
Php Php 5.6.1
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.6.4
Php Php 5.6.6
Php Php 5.6.11
Php Php 5.6.2
Php Php 5.6.10
Php Php 5.6.7
Php Php 5.6.9
Php Php 5.6.3
Php Php 5.6.8
Php Php
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.0.2
Php Php 7.0.0
Php Php 5.5.0
Php Php 5.5.19
Php Php 5.5.25
Php Php 5.5.16
Php Php 5.5.1
6.5
CVSSv3
CVE-2015-4598
PHP prior to 5.4.42, 5.5.x prior to 5.5.26, and 5.6.x prior to 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote malicious users to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2...
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Hpc Node Eus 7.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Php Php 5.5.25
Php Php 5.5.24
Php Php 5.6.2
Php Php 5.6.1
Php Php 5.5.18
Php Php 5.6.7
Php Php 5.6.6
Php Php 5.5.22
Php Php 5.5.21
Php Php 5.5.14
Php Php 5.5.13
Php Php 5.5.6
Php Php 5.5.5
Php Php 5.5.4
Php Php 5.6.5
Php Php 5.6.4
5.9
CVSSv3
CVE-2015-8838
ext/mysqlnd/mysqlnd.c in PHP prior to 5.4.43, 5.5.x prior to 5.5.27, and 5.6.x prior to 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle malicious users to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152...
Php Php 5.5.0
Php Php 5.5.19
Php Php 5.5.25
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.5.21
Php Php 5.5.17
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.5.12
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.23
Php Php 5.5.8
Php Php 5.5.24
Php Php 5.5.15
Php Php 5.5.11
Php Php 5.5.13
Php Php 5.5.4
Php Php 5.5.26
Php Php 5.5.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »