Public
PHP
bug reports.
4,419
Bug Reports -
$2,030,173
Paid Out
Last Updated:
12th September, 2017
Team
Bounty
Title
PHP
$500
PHP yaml_parse/yaml_parse_file/yaml_parse_url Unsafe Deserialization
PHP
$1,500
PHP yaml_parse/yaml_parse_file/yaml_parse_url Double Free
PHP
$500
str_repeat() sign mismatch based memory corruption
PHP
$500
php_stream_url_wrap_http_ex() type-confusion vulnerability
PHP
$500
Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER
PHP
$500
Type Confusion Vulnerability in SoapClient
PHP
$1,500
Use after free vulnerability in unserialize() with DateInterval
PHP
$1,500
Integer overflow in ftp_genlist() resulting in heap overflow
PHP
$1,500
ZIP Integer Overflow leads to writing past heap boundary
PHP
$1,000
Buffer Over-read in unserialize when parsing Phar
PHP
$1,000
Buffer Over flow when parsing tar/zip/phar in phar_set_inode
PHP
$1,500
Use After Free Vulnerability in unserialize()
PHP
$500
out of bounds read crashes php-cgi
PHP
$3,000
Use after free vulnerability in unserialize()
PHP
$2,500
SoapClient's __call() type confusion through unserialize()
PHP
$2,500
Use after free vulnerability in unserialize() with DateTimeZone
PHP
$2,500
Free called on unitialized pointer in exif.c
PHP
$2,500
Locale::parseLocale Double Free
PHP
$2,500
SPL ArrayObject/SPLObjectStorage Unserialization Type Confusion Vulnerabilities
PHP
$1,500
PHP Heap Overflow Vulnerability in imagecrop()
PHP
$4,000
PHP openssl_x509_parse() Memory Corruption Vulnerability