PT-2024-40035 · Ez Systems · Ezpublish-Kernel +1

Name of the Vulnerable Software and Affected Versions: ezsystems/ezplatform-kernel versions prior to v1.0.3 ezsystems/ezpublish-kernel versions prior to v7.5.8 ezsystems/ezpublish-kernel versions prior to v6.13.6.4 ezsystems/ezpublish-kernel versions prior to v5.4.15 Description: The issue is an...

LimeSurvey <= 5.4.15 Multiple Vulnerabilities

LimeSurvey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:limesurvey:limesurvey";...

Laravel SQL Injection Vulnerability

Laravel Framework is a PHP-based web application development framework developed by Taylor Otwell Software Developers. A SQL injection vulnerability exists in the save.php file in Laravel version 5.4.15. The vulnerability can be exploited by a remote attacker to execute arbitrary SQL commands wit...

CVE-2018-6330

Laravel 5.4.15 is vulnerable to Error based SQL injection in save.php via dhxuser and dhxversion parameters...

Internet Bug Bounty: Use after free with assign by ref to overloaded objects

Reported: 2015-07-15 16:30 UTC Fixed: 2015-07-21 14:20 UTC Bug Report: https://bugs.php.net/bug.php?id=70083 Fixed in PHP 5.6: http://git.php.net/?p=php-src.git;a=commitdiff;h=f57cb13c566613eec0e1c2f6d96d18565436a9b7 Fixed in 7:...

php -- potential overflow in _php_stream_scandir

The PHP Development Team reports: The release of PHP 5.4.15 and 5.4.5 fix a potential overflow in phpstreamscandir...

CVE-2006-2346

CVE-2006-2346 affects vpopmail versions 5.4.14 and 5.4.15. The flaw enables remote authentication by using a blank password to SMTP AUTH or APOP for accounts that do not have a cleartext password set, due to cleartext passwords being enabled. This constitutes an authentication bypass condition as...