Lucene search
K

30 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

AlmaLinux 10 : php (ALSA-2026:23388)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:23388 advisory. PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting...

8.8CVSS5.7AI score0.0078EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.4 views

MiracleLinux 9 : php:8.2 (AXSA:2026-118:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-118:01 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML...

8.2CVSS5.8AI score0.00953EPSS
Exploits6References7
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.7 views

PT-2025-50846

The Visitor Logic Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.3 via deserialization of untrusted input from the lpblocks cookie. This is due to the lp track function passing unsanitized cookie data directly to the unserialize function...

8.1CVSS7AI score0.00457EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2011-1166

Malware in sbrugna...

7.5CVSS8.7AI score0.06833EPSS
Exploits0References26
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-6769

Malware in sbrugna...

7.5CVSS7.6AI score0.04837EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/05/23 5:14 a.m.4 views

CVE-2023-41506

An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

9.8CVSS7.9AI score0.00882EPSS
Exploits0References1
Redos
Redos
added 2024/12/20 12:0 a.m.15 views

ROS-20241220-01

A vulnerability in the password verification function of the PHP programming language is related to insufficient calculation of the password hash. password hash. Exploitation of the vulnerability allows an attacker to affect data integrity...

8.1CVSS7AI score0.00944EPSS
Exploits1
ICS
ICS
added 2024/10/01 6:0 a.m.30 views

Optigo Networks ONS-S8 - Spectra Aggregation Switch

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion', Weak...

9.8CVSS10AI score0.00701EPSS
Exploits0References10
Fedora
Fedora
added 2024/05/31 1:17 a.m.28 views

[SECURITY] Fedora 40 Update: roundcubemail-1.6.7-1.fc40

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2024/05/07 12:0 a.m.21 views

CVE-2024-34523

AChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated Path Traversal. This occurs through readfile in PHP. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.9AI score0.00824EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/09/22 12:0 a.m.9 views

CVE-2023-43144

Projectworldsl Assets-management-system-in-php 1.0 is vulnerable to SQL Injection via the "id" parameter in delete.php...

8.1AI score0.00911EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2022/04/25 12:0 a.m.8 views

The vulnerability of the sapi_header_op function in the PHP programming language allows attackers to carry out XSS attacks.

The vulnerability of the sapiheaderop function in the PHP programming language is related to the lack of measures taken to protect web page structures. Exploiting this vulnerability allows an attacker to perform XSS attacks remotely...

6.1CVSS6.6AI score0.02959EPSS
Exploits0References8Affected Software3
CNVD
CNVD
added 2020/03/09 12:0 a.m.1 views

SQL Injection Vulnerability in in***.php Page of Winda System Management Platform

Winda system management platform is a rapid station building and management platform developed by Guangxi Jixiang NetDa Information Technology Co. There is a SQL injection vulnerability in the in.php page of the Winda system management platform, which can be exploited by attackers to obtain...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/03/06 12:0 a.m.1 views

SQL Injection Vulnerability in in***.php of Longcai Technology Group Co.

Longcai Technology Group Limited Liability Company is a company dedicated to the development and construction of the Internet enterprise wisdom cloud service platform, and "Internet + industry innovation" platform services. Longcai Technology Group Limited Liability Company building system in.php...

7.6AI score
Exploits0
CNVD
CNVD
added 2020/03/05 12:0 a.m.1 views

LaySNS suffers from SQL injection vulnerability in in***.php file

LaySNS is a lightweight, integrated content management and community interaction website management system based on ThinkPHP+Layui architecture. LaySNS has a SQL injection vulnerability in the in.php file, which can be exploited by attackers to obtain sensitive database information...

7.9AI score
Exploits0
CNVD
CNVD
added 2020/02/18 12:0 a.m.1 views

SQL injection vulnerability in In***.php file of MyuCMS open source content management system (CNVD-2020-18786)

MyuCMS open source content management system developed using ThinkPHP community mall aggregation, plug-ins, templates, lightweight and fast easy to expand. MyuCMS open source content management system In.php file SQL injection vulnerability . Attackers can exploit the vulnerability to obtain...

7.7AI score
Exploits0
CNVD
CNVD
added 2019/11/21 12:0 a.m.2 views

SQL Injection Vulnerability in Yunye CMS in***.php Page

Yunye CMS is an enterprise website building system developed by Luoyang Yunye Information Technology Co. There is a SQL injection vulnerability in the CMS in.php page, which can be exploited by attackers to obtain sensitive information...

7.8AI score
Exploits0
CNVD
CNVD
added 2019/11/13 12:0 a.m.1 views

SQL injection vulnerability in in***.php file of Laikai e-commerce system (CNVD-2020-00181)

Laike e-commerce system is an open source e-commerce system. Laike e-commerce system in.php file contains a SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive information in the database...

7.6AI score
Exploits0
CNVD
CNVD
added 2019/05/29 12:0 a.m.2 views

SQL Injection Vulnerability in Tpshop v3.5 In***.php Page

Tpshop is a set of multi-merchant mode developed by Shenzhen Soleil Networks Limited mall system. A SQL injection vulnerability exists in the Tpshop v3.5 In.php page. Attackers can use the vulnerability to obtain sensitive information in the database...

7.7AI score
Exploits0
CNVD
CNVD
added 2019/04/20 12:0 a.m.1 views

Arbitrary file read vulnerability in zzzphp in***.php file

zzphp is a free website building system developed using PHP. An arbitrary file read vulnerability exists in the zzzphp in.php file. An attacker can exploit the vulnerability to read sensitive information...

6.8AI score
Exploits0
Rows per page
Query Builder