Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2019-11043

🗓️ 28 Oct 2019 14:19:04Reported by phpType 
cve
 cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 4582 Views🌐 WEB

PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 accommodate remote code execution

Related
Detection
Affected
Refs
Paths
Social
ReporterTitlePublishedViews
Family
GithubExploit		-CyberPentest-Plugin-Claude-Code
2 Jun 202615:28
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Php
26 Aug 202515:55
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Php
24 Oct 202507:00
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Php
6 Nov 201915:44
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Php
11 Nov 201911:29
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Php
23 Oct 201923:26
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Php
23 Sep 201921:37
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Php
29 Oct 201911:16
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Php
18 Nov 202007:25
githubexploit
GithubExploit		Exploit for Out-of-bounds Write in Php
6 Nov 201914:53
githubexploit
Rows per page
NVD
Node
phpphpRange7.1.07.1.33
OR
phpphpRange7.2.07.2.24
OR
phpphpRange7.3.07.3.11
Node
canonicalubuntu_linuxMatch12.04esm
OR
canonicalubuntu_linuxMatch14.04esm
OR
canonicalubuntu_linuxMatch16.04lts
OR
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch19.04
OR
canonicalubuntu_linuxMatch19.10
Node
debiandebian_linuxMatch9.0
OR
debiandebian_linuxMatch10.0
Node
fedoraprojectfedoraMatch29
OR
fedoraprojectfedoraMatch30
OR
fedoraprojectfedoraMatch31
Node
tenabletenable.scRange<5.19.0
Node
redhatsoftware_collectionsMatch1.0
OR
redhatenterprise_linuxMatch8.0
OR
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_desktopMatch7.0
OR
redhatenterprise_linux_eusMatch7.7
OR
redhatenterprise_linux_eusMatch8.1
OR
redhatenterprise_linux_eusMatch8.2
OR
redhatenterprise_linux_eusMatch8.4
OR
redhatenterprise_linux_eusMatch8.6
OR
redhatenterprise_linux_eusMatch8.8
OR
redhatenterprise_linux_eus_compute_nodeMatch7.7
OR
redhatenterprise_linux_for_arm_64Match8.0_aarch64
OR
redhatenterprise_linux_for_arm_64_eusMatch8.1_aarch64
OR
redhatenterprise_linux_for_arm_64_eusMatch8.2_aarch64
OR
redhatenterprise_linux_for_arm_64_eusMatch8.4_aarch64
OR
redhatenterprise_linux_for_arm_64_eusMatch8.6_aarch64
OR
redhatenterprise_linux_for_arm_64_eusMatch8.8_aarch64
OR
redhatenterprise_linux_for_ibm_z_systemsMatch6.0_s390x
OR
redhatenterprise_linux_for_ibm_z_systemsMatch7.0_s390x
OR
redhatenterprise_linux_for_ibm_z_systemsMatch8.0_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch7.7_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch8.1_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch8.2_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch8.4_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch8.6_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch8.8_s390x
OR
redhatenterprise_linux_for_power_big_endianMatch6.0_ppc64
OR
redhatenterprise_linux_for_power_big_endianMatch7.0_ppc64
OR
redhatenterprise_linux_for_power_big_endian_eusMatch7.7_ppc64
OR
redhatenterprise_linux_for_power_little_endianMatch7.0_ppc64le
OR
redhatenterprise_linux_for_power_little_endianMatch8.0_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch7.7_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch8.1_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch8.2_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch8.4_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch8.6_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch8.8_ppc64le
OR
redhatenterprise_linux_for_scientific_computingMatch7.0
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_server_ausMatch7.7
OR
redhatenterprise_linux_server_ausMatch8.2
OR
redhatenterprise_linux_server_ausMatch8.4
OR
redhatenterprise_linux_server_ausMatch8.6
OR
redhatenterprise_linux_server_tusMatch7.7
OR
redhatenterprise_linux_server_tusMatch8.2
OR
redhatenterprise_linux_server_tusMatch8.4
OR
redhatenterprise_linux_server_tusMatch8.6
OR
redhatenterprise_linux_server_tusMatch8.8
OR
redhatenterprise_linux_workstationMatch6.0
OR
redhatenterprise_linux_workstationMatch7.0
[
  {
    "product": "PHP",
    "vendor": "PHP",
    "versions": [
      {
        "lessThan": "7.1.33",
        "status": "affected",
        "version": "7.1.x",
        "versionType": "custom"
      },
      {
        "lessThan": "7.2.24",
        "status": "affected",
        "version": "7.2.x",
        "versionType": "custom"
      },
      {
        "lessThan": "7.3.11",
        "status": "affected",
        "version": "7.3.x",
        "versionType": "custom"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
php_settingpath/PHP_VALUE #{php_setting}Attach PHP INI directive via path to set values for exploitation.CWE-120CWE-787
qslpath/PHP_VALUE #{php_setting}Attach PHP INI directive via path to set values for exploitation.CWE-120CWE-787
customh_lengthpath/PHP_VALUE #{php_setting}Attach PHP INI directive via path to set values for exploitation.CWE-120CWE-787

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Jun 2026 02:12Current
9.6High risk
Vulners AI Score9.6
CVSS 27.5
CVSS 3.18.7 - 9.8
EPSS0.9947
SSVC
CWE-120CWE-787In Wild
cve-2019-11043phpfpmremote code executionbuffer overflownvdvulnerability
4582