PHP Denial of Service Vulnerability (CNVD-2019-00335)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A security vulnerability exists in th...

LAOBANCMS Arbitrary PHP Code Execution Vulnerability

Laoban CMS LAOBANCMS content management system is based on PHP + MYSQL environment developed by the old class of open-source website building system . LAOBANCMS 2.0 has an arbitrary PHP code execution vulnerability. Remote attackers can install/ URI through the host parameter to exploit the...

s-cms SQL Injection Vulnerability

s-cms is a content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in s-cms 3.0. A remote attacker can exploit the vulnerability by providing the '0id' parameter to the member/post.php file or POST data to the member/memberlogin.php file to log into the system...

UBUNTU-CVE-2018-14883

An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exifthumbnailextract of exif.c...

PHP GD Graphics Library Denial of Service Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.GD Graphics Library also known as libgd or libgd2 is an open source library for dynamically creating images developed by American software...

Trend Micro OfficeScan Information Disclosure Vulnerability

Trend Micro OfficeScan is a best-of-breed endpoint security solution for mid-sized and large organizations, with a future-proof, resilient architecture that allows you to customize your threat protection and data protection through plug-ins. An information disclosure vulnerability exists in Trend...

Arbitrary file download vulnerability in EasyAdmin /application/index/controller/index.php page

EasyAdmin is a free and open source community program based on the LayUI template, with a ThinkPHP5 framework for backend support. An arbitrary file download vulnerability exists in the EasyAdmin /application/index/controller/index.php page. An attacker can download system configuration files by...

Code Execution Vulnerability in ESPCMS

ESPCMS is an enterprise website management system built on LAMP development. A code execution vulnerability exists in ESPCMS. An attacker can exploit this vulnerability to execute arbitrary php statements...

CMS Made Simple Upload Vulnerability (CNVD-2017-24997)

CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A security vulnerability exists in CMSMS version...

PHP Information Disclosure Vulnerability (CNVD-2017-22594)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A security vulnerability exists in PHP versions prior to 5.6.31, 7.x prior to 7.0.21, and 7.1.x prior to 7.1.7, which stems from a lack of bound...

DEBIAN-CVE-2016-3124

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...

PHP 'process_nested_data()' Remote Code Execution Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

PHP 'ext/pcre/php_pcre.c' Information Disclosure Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. PHP...

php: Use After Free Vulnerability in PHP's GC algorithm and unserialize

splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...

PHP 'zend_symtable_clean()' function out-of-bounds read denial of service vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. PHP...

PHP 'gdImageAALine()' Integer Overflow Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. An...

PHP Denial of Service Vulnerability (CNVD-2016-07712)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

PHP SPL Extended Integer Overflow Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.SPL Standard PHP Library is a collection of interfaces and class extensions for solving typical problems. SPL Standard PHP Library is an extensio...

PHP Gettext Remote Code Execution Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and program extensions in C, C++, etc. Gettext is one of the...

PHP Remote Code Execution Vulnerability (CNVD-2016-05253)

PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A remote code execution vulnerability exists in versions of PHP prior to 5.5.36. An attacker could exploit this...