uWSGI PHP Plugin Local File Inclusion

uWSGI PHP Plugin before 2.0.17 mishandles a DOCUMENTROOT check during use of the --php-docroot option, making it susceptible to local file inclusion. id: CVE-2018-7490 info: name: uWSGI PHP Plugin Local File Inclusion author: madrobot severity: high description: uWSGI PHP Plugin before 2.0.17...

SUSE CVE-2018-7490

uWSGI before 2.0.17 mishandles a DOCUMENTROOT check during use of the --php-docroot option, allowing directory traversal...

liveprofiler (>=0.2.0 <=1.0.0), prediction (=0.0.3) potentially affected by CVE-2018-7490 via uwsgi (>=2.0.13.1 <=2.0.15)

uwsgi PYPI version =2.0.13.1, =0.2.0, =1.0.0 - prediction =0.0.3 Source cves: CVE-2018-7490 Source advisory: OSV:GHSA-H2VM-C85R-5VH5...

Fedora Update for uwsgi FEDORA-2018-acfce682f4

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4142-1] uwsgi security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4142-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 17, 2018 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-4142-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-7490

creationtimestamp| type| source ---|---|--- 2018-03-02 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44223 2026-04-15 14:28:38+00:00| exploited| https://github.com/range42/range42-catalog/tree/main/03containerlayer/docker/ctf/cve/web/uwsgphp/CVE-2018-7490...

uWSGI Directory Traversal

Exploit Title: uWSGI PHP Plugin Directory Traversal Date: 01-03-2018 Exploit Author: Marios Nicolaides - RUNESEC Reviewers: Simon Loizides and Nicolas Markitanis - RUNESEC Vendor Homepage: https://uwsgi-docs.readthedocs.io Affected Software: uWSGI PHP Plugin before 2.0.17 Tested on: uWSGI 2.0.12...

uWSGI &lt; 2.0.17 - Directory Traversal

Exploit Title: uWSGI PHP Plugin Directory Traversal Date: 01-03-2018 Exploit Author: Marios Nicolaides - RUNESEC Reviewers: Simon Loizides and Nicolas Markitanis - RUNESEC Vendor Homepage: https://uwsgi-docs.readthedocs.io Affected Software: uWSGI PHP Plugin before 2.0.17 Tested on: uWSGI 2.0.12...

uWSGI < 2.0.17 - Directory Traversal Vulnerability

Exploit for php platform in category web applications Exploit Title: uWSGI PHP Plugin Directory Traversal Exploit Author: Marios Nicolaides - RUNESEC Reviewers: Simon Loizides and Nicolas Markitanis - RUNESEC Vendor Homepage: https://uwsgi-docs.readthedocs.io Affected Software: uWSGI PHP Plugin...

CVE-2018-7490

uWSGI before 2.0.17 mishandles a DOCUMENTROOT check during use of the --php-docroot option, allowing directory traversal...

CVE-2018-7490

CVE-2018-7490 affects the uWSGI PHP plugin before 2.0.17, where the PHP-DOCROOT validation fails, enabling directory traversal via the --php-docroot option and potentially exposing sensitive files outside the web root. Evidence in connected docs shows Debian security advisories fixing to versions...