Lucene search

92635 matches found

CNNVD
added 2026/05/10 12:0 a.m., 5 views

ProjectSend cross-site scripting vulnerability

ProjectSend cFTP is an open-source set of self-hosted applications based on PHP and MySQL by ProjectSend. Version r1295 of ProjectSend contains a cross-site scripting vulnerability. This vulnerability stems from a stored-cross-site scripting vulnerability in the files-edit.php file, which could...

CVSS 6.4 | AI score 5.7 | EPSS 0.00034
Exploits: 0 | References: 1

CNNVD
added 2026/05/10 12:0 a.m., 6 views

PHP buffer error vulnerability

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 contained a buffer error vulnerability. This vulnerability stemmed from certain functions passing signed chars to the ctype function. On systems with default signed cha...

CVSS 7.5 | AI score 6 | EPSS 0.00021
Exploits: 0 | References: 1

Positive Technologies
added 2026/05/10 12:0 a.m., 6 views

PT-2026-39443

Name of the Vulnerable Software and Affected Versions: PHP versions 8.2.0 through 8.2.30; PHP versions 8.3.0 through 8.3.30; PHP versions 8.4.0 through 8.4.20; PHP versions 8.5.0 through 8.5.5. Description: The PDO Firebird driver improperly handles NUL bytes during the preparation of SQL queries. When...

CVSS 9.8 | AI score 5.8 | EPSS 0.00369
Exploits: 1 | References: 55

CNNVD
added 2026/05/10 12:0 a.m., 4 views

PHP buffer error vulnerability

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 contained a buffer error vulnerability. This vulnerability stemmed from the use of the metaphone function, which used signed integer variables to track the current...

CVSS 7.5 | AI score 6 | EPSS 0.00069
Exploits: 0 | References: 1

Tenable Nessus
added 2026/05/10 12:0 a.m., 8 views

Fedora 44 : php (2026-c66eaae759)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c66eaae759 advisory. PHP version 8.5.6 07 May 2026 Core: Fixed bug GH-19983 GC assertion failure with fibers, generators and destructors. iliaal Fixed ZENDAPI mismatch o...

CVSS 9.8 | AI score 5.9 | EPSS 0.00369
Exploits: 1 | References: 13

Tenable Nessus
added 2026/05/10 12:0 a.m., 3 views

openSUSE 16 Security Update : php-composer2 (openSUSE-SU-2026:20670-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20670-1 advisory. - CVE-2025-67746: ANSI control characters injection in terminal output of various Composer commands via attacker controlled remote sources...

CVSS 8.8 | AI score 6.2 | EPSS 0.0005
Exploits: 3 | References: 9

Positive Technologies
added 2026/05/10 12:0 a.m., 3 views

PT-2026-39517

TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell via the Files section in the content area and execute...

CVSS 8.8 | AI score 6.6 | EPSS 0.00266
Exploits: 0 | References: 4

Positive Technologies
added 2026/05/10 12:0 a.m., 5 views

PT-2026-39515

WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting the AJAX fileupload action. Attackers can send POST requests to the admin-ajax.php endpoint with the download...

CVSS 9.8 | AI score 5.9 | EPSS 0.00149
Exploits: 0 | References: 4

Positive Technologies
added 2026/05/10 12:0 a.m., 6 views

PT-2026-39457

Name of the Vulnerable Software and Affected Versions: PHP versions 8.4.0 through 8.4.20; PHP versions 8.5.0 through 8.5.5. Description: An issue exists in the mbstring extension where passing an encoding name containing an embedded NUL byte to certain functions causes the code to incorrectly assume...

CVSS 9.8 | AI score 5.8 | EPSS 0.00053
Exploits: 0 | References: 37

Positive Technologies
added 2026/05/10 12:0 a.m., 5 views

PT-2026-39514

Evolution CMS 3.1.6 contains a remote code execution vulnerability that allows authenticated users with module creation permissions to execute arbitrary system commands by injecting PHP code into module parameters. Attackers can send POST requests to /manager/index.php with malicious PHP code in...

CVSS 8.8 | AI score 6.7 | EPSS 0.00368
Exploits: 0 | References: 5

CNNVD
added 2026/05/10 12:0 a.m., 5 views

PHP SQL injection vulnerability

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 have a SQL injection vulnerability. This vulnerability stems from the improper handling of NUL bytes by the PDO Firebird driver when processing SQL queries, which can...

CVSS 9.8 | AI score 5.9 | EPSS 0.00053
Exploits: 0 | References: 1

CNNVD
added 2026/05/10 12:0 a.m., 4 views

PHP code issue vulnerability

PHP is an open-source scripting language executed on the server side. There were code vulnerabilities in versions prior to PHP 8.2.31, 8.3.31, 8.4.21, and 8.5.6. These vulnerabilities stemmed from a flaw where, when the SOAP server was configured with type mapping, incorrect variables were checke...

CVSS 7.5 | AI score 5.9 | EPSS 0.00123
Exploits: 0 | References: 1

CVE
added 2026/05/09 7:44 p.m., 4 views

CVE-2026-42605

AzuraCast (prior to 0.23.6) has a path traversal remote code execution flaw in the media upload flow. The currentDirectory parameter in FlowUploadAction is not sanitized, allowing an authenticated user with media permissions to place files outside the station media directory when using local file...

CVSS 8.8 | AI score 6.5 | EPSS 0.00433
Exploits: 1 | References: 3 | Affected Software: 1

ATTACKERKB
added 2026/05/09 6:45 p.m., 4 views

CVE-2026-8193

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

CVSS 6.5 | AI score 6.2 | EPSS 0.00038
Exploits: 0 | References: 4

Veracode
added 2026/05/09 5:23 a.m., 8 views

Remote Code Execution (RCE)

dedoc/scramble is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsafe evaluation of user-controlled input during documentation generation, which allows an attacker to execute arbitrary PHP code in the application context...

CVSS 9.4 | AI score 6.2 | EPSS 0.08605
Exploits: 2 | References: 5 | Affected Software: 1

CVE
added 2026/05/09 3:19 a.m., 7 views

CVE-2026-8209

Gibbon before v30.0.01 is affected by a path traversal vulnerability that can cause denial of service via attempting to extract web application PHP files; failed .zip extraction may delete the file and cause downtime. Exploitation requires Teacher or higher privileges and could lead to loss of we...

CVSS 6.9 | AI score 5.8 | EPSS 0.00075
Exploits: 0 | References: 2

ATTACKERKB
added 2026/05/09 3:19 a.m., 4 views

CVE-2026-8209

Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...

CVSS 6.9 | AI score 5.8 | EPSS 0.00075
Exploits: 0 | References: 2

SUSE CVE
added 2026/05/09 2:43 a.m., 4 views

SUSE CVE-2026-41570

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string...

CVSS 7.8 | AI score 6.5 | EPSS 0.00075
Exploits: 0 | References: 3

RedhatCVE
added 2026/05/09 2:21 a.m., 4 views

CVE-2025-69690

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the postrebootcommands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execut...

CVSS 9.1 | AI score 6.3 | EPSS 0.00037
Exploits: 4 | References: 1

Positive Technologies
added 2026/05/09 12:0 a.m., 8 views

PT-2026-39402

Name of the Vulnerable Software and Affected Versions: Yii Framework versions prior to 2.0.55. Description: Internal variables in the View::renderPhpFile and ErrorHandler::renderFile functions are not isolated, which can lead to parameter collisions that allow the overriding of included file paths...

CVSS 7.4 | AI score 5.8 | EPSS 0.00022
Exploits: 0 | References: 8