Linux Distros Unpatched Vulnerability : CVE-2018-19518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - University of Washington IMAP Toolkit 2007f on UNIX, as used in imapopen in PHP and other products, launches an rsh command by means of the imaprimap function i...

BELL-CVE-2018-19518 CVE-2018-19518 does not affect BellSoft software

Bulletin has no description...

Exploit for Argument Injection in Php

CVE-2018-19518 Disclaimer This program should be used s...

SUSE CVE-2018-19518

University of Washington IMAP Toolkit 2007f on UNIX, as used in imapopen in PHP and other products, launches an rsh command by means of the imaprimap function in c-client/imap4r1.c and the tcpaopen function in osdep/unix/tcpunix.c without preventing argument injection, which might allow remote...

VulnCheck KEV: CVE-2018-19518

University of Washington IMAP Toolkit 2007f on UNIX, as used in imapopen in PHP and other products, launches an rsh command by means of the imaprimap function in c-client/imap4r1.c and the tcpaopen function in osdep/unix/tcpunix.c without preventing argument injection, which might allow...

PHP IMAP imap_open Command Injection (CVE-2018-19518)

A command injection vulnerability exists in the IMAP component of PHP. The vulnerability is due to improper handling of the server parameter passed to the imapopen function. A remote, authenticated attacker can exploit this vulnerability by supplying a crafted server parameter to the imapopen...

Mageia: Security Advisory (MGASA-2018-0484)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2866-1 : uw-imap - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2866 advisory. - University of Washington IMAP Toolkit 2007f on UNIX, as used in imapopen in PHP and other products, launches an rsh command by means of the imaprimap function in...

SUSE: Security Advisory (SUSE-SU-2018:3995-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:3986-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : php (EulerOS-SA-2020-1895)

According to the versions of the php packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1821)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-202003-57 : PHP: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-57 PHP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly execute arbitrary shell commands,...

Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in PHP (CVE-2018-19518)

Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerability in PHP. Vulnerability Details CVEID: CVE-2018-19518 DESCRIPTION: University of Washington IMAP Toolkit 2007f on UNIX, as used in imapopen in PHP and other products, launches an rsh command by means of...

PHP 5.6.x < 5.6.39 Multiple vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.39, 7.0.x prior to 7.0.33, 7.1.x prior to 7.1.25, 7.2.x prior to 7.2.13 or 7.3.x prior to 7.3.0. It is, therefore, affected by multiple vulnerabilities: - An arbitrary command injection vulnerabilit...

Amazon Linux AMI : php56 / php70,php71,php72 (ALAS-2019-1147)

ext/imap/phpimap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty string in the message argument to the imapmail function.CVE-2018-19935 University of Washington IMAP Toolkit 2007f on UNIX, as used i...

Horde Imp - imap_open Remote Command Execution

Exploit for php platform in category web applications Exploit Title: Horde Imp Unauthenticated Remote Command Execution Google Dork: inurl:/imp/login.php Exploit Author: Paolo Serracino - Pietro Minniti - Damiano Proietti Vendor Homepage: https://www.horde.org/apps/imp/ Software Link:...

Horde Imp - &#039;imap_open&#039; Remote Command Execution

Exploit Title: Horde Imp Unauthenticated Remote Command Execution Google Dork: inurl:/imp/login.php Date: 10/01/2019 Exploit Author: Paolo Serracino - Pietro Minniti - Damiano Proietti Vendor Homepage: https://www.horde.org/apps/imp/ Software Link: https://www.horde.org/download/imp Version: All...

Horde Imp Unauthenticated Remote Command Execution

Exploit Title: Horde Imp Unauthenticated Remote Command Execution Google Dork: inurl:/imp/login.php Date: 10/01/2019 Exploit Author: Paolo Serracino - Pietro Minniti - Damiano Proietti Vendor Homepage: https://www.horde.org/apps/imp/ Software Link: https://www.horde.org/download/imp Version: All...

Horde Imp - imap_open Remote Command Execution

Horde Imp - imapopen Remote Command Execution Exploit Title: Horde Imp Unauthenticated Remote Command Execution Google Dork: inurl:/imp/login.php Date: 10/01/2019 Exploit Author: Paolo Serracino - Pietro Minniti - Damiano Proietti Vendor Homepage: https://www.horde.org/apps/imp/ Software Link:...