Lucene search
+L

58 matches found

nvd
nvd
added 2023/02/16 7:15 a.m.20 views

CVE-2023-0662

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

7.5CVSS8.5AI score0.01408EPSS
Exploits0References2
prion
prion
added 2023/02/16 7:15 a.m.93 views

Design/Logic Flaw

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

5CVSS6.2AI score0.01408EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/02/16 6:24 a.m.21 views

CVE-2023-0662 DoS vulnerability when parsing multipart request body

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

7.5CVSS8AI score0.01408EPSS
Exploits0References2
osv
osv
added 2023/02/16 6:24 a.m.29 views

CVE-2023-0662 DoS vulnerability when parsing multipart request body

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

7.5CVSS6.7AI score0.01408EPSS
Exploits0References5
debiancve
debiancve
added 2023/02/16 6:24 a.m.50 views

CVE-2023-0662

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

7.5CVSS6.7AI score0.01408EPSS
Exploits0
alpinelinux
alpinelinux
added 2023/02/16 6:24 a.m.81 views

CVE-2023-0662

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

7.5CVSS8.1AI score0.01408EPSS
Exploits0
susecve
susecve
added 2023/02/15 3:52 a.m.3 views

SUSE CVE-2020-27304

The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mghandleformrequest API. Web applications that use the file upload form handler, and use parts of the user-controlled...

9.8CVSS7.7AI score0.03138EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2023/02/15 12:0 a.m.5 views

PT-2023-2473 · Php +10 · Php +10

Name of the Vulnerable Software and Affected Versions: PHP versions 8.0.0 through 8.0.27 PHP versions 8.1.0 through 8.1.15 PHP versions 8.2.0 through 8.2.2 Description: The issue is related to an excessive number of parts in HTTP form upload, which can cause high resource consumption and excessiv...

9.8CVSS6.3AI score0.49336EPSS
Exploits76References145
nessus
nessus
added 2023/02/15 12:0 a.m.143 views

Slackware Linux 15.0 / current php Multiple Vulnerabilities (SSA:2023-045-02)

The version of php installed on the remote host is prior to 7.4.33 / 8.0.28 / 8.1.16. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-045-02 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function...

8.1CVSS7.2AI score0.01408EPSS
Exploits2References3
nessus
nessus
added 2023/02/14 12:0 a.m.33 views

PHP 8.1.x < 8.1.16

The version of PHP installed on the remote host is prior to 8.1.16. It is, therefore, affected by a vulnerability as referenced in the Version 8.1.16 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high...

7.5CVSS6.9AI score0.01408EPSS
Exploits0References2
nessus
nessus
added 2023/02/14 12:0 a.m.53 views

PHP 8.0.x < 8.0.28

The version of PHP installed on the remote host is prior to 8.0.28. It is, therefore, affected by a vulnerability as referenced in the Version 8.0.28 advisory. - In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high...

7.5CVSS6.9AI score0.01408EPSS
Exploits0References2
attackerkb
attackerkb
added 2022/04/18 10:14 a.m.11 views

CVE-2022-27862

Arbitrary File Upload leading to RCE in E4J s.r.l. VikBooking Hotel Booking Engine & PMS plugin = 1.5.3 on WordPress allows attackers to upload and execute dangerous file types e.g. PHP shell via the signature upload on the booking form...

9.8CVSS8.7AI score0.01617EPSS
Exploits0References3Affected Software1
osv
osv
added 2018/08/23 2:29 p.m.6 views

CVE-2018-3832

An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uploading unsigned firmware images to the device. To trigger...

9CVSS5.9AI score0.01656EPSS
Exploits1References2
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

Opera 6.0.1,MS IE 5/6 JavaScript Modifier Keypress Event Subversion Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5290/info An issue has been reported with the JavaScript implementation of multiple web browsers, including Microsoft Internet Explorer and Opera. Malicious JavaScript may subvert some keypress events, with consequences...

7.1AI score
Exploits0
symfony
symfony
added 2012/11/25 12:0 a.m.52 views

Security release: symfony 1.4.20 released

symfony 1.4.20 has just been released and it contains a security fix. Uli Hecht contacted us a couple of days ago about a security issue in symfony 1.4. The vulnerability allows reading any file stored on the server if it is readable by the web server. Your application is vulnerable if there is a...

6.7AI score
Exploits0
myhack58
myhack58
added 2010/10/28 12:0 a.m.20 views

MY-CCMS All Ver File Upload 0day-vulnerability warning-the black bar safety net

The vulnerability is located in: manage/upload.php code province ! ! 111.jpg Download 22.49 KB 4 hours ago Also you can create new“. asp”directory, there is a skip directory vulnerability, etc. EXP: the form id="frmUpload" enctype="multipart/form-data" action="http://chemlg.com/manage/upload.php"...

0.4AI score
Exploits0
nessus
nessus
added 2006/08/04 12:0 a.m.45 views

CentOS 4 : Firefox (CESA-2006:0610)

Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. The Mozilla Foundation has discontinued...

9.3CVSS8.2AI score0.78359EPSS
Exploits12References27
nessus
nessus
added 2004/12/23 12:0 a.m.122 views

Fedora Core 2 : php-4.3.10-2.4 (2004-567)

This update includes the latest release of PHP 4.3, including fixes for security issues in the unserializer CVE-2004-1019, exif image parsing CVE-2004-1065, and form upload parsing CVE-2004-0958 and CVE-2004-0959. Note that Tenable Network Security has extracted the preceding description block...

10CVSS7.3AI score0.10042EPSS
Exploits0References1
Rows per page
Query Builder