Lucene search
K

10 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Composer

Composer is a dependency manager for PHP. Users who publish a composer.phar file to a publicly accessible web server where the file can be executed as a PHP file may be subject to a remote code execution vulnerability if PHP also has registerargcargv enabled in php.ini. Versions 2.6.4, 2.2.22, an...

8.8CVSS8.6AI score0.0139EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2025/05/27 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-56145

Craft CMS contains a code injection vulnerability. Users with affected versions are vulnerable to remote code execution if their php.ini configuration has registerargcargv enabled...

9.8CVSS7.8AI score0.97446EPSS
Exploits9References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:10 a.m.7 views

CVE-2024-56145

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.ini configuration has registerargcargv enabled. For these users an unspecified remote code execution vector is present...

9.8CVSS8.2AI score0.97446EPSS
Exploits9References1
Snyk
Snyk
added 2024/12/18 7:47 p.m.5 views

Command Injection

Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Command Injection due to the PHP registerargcargv configuration setting. An attacker can execute arbitrary code by manipulating the command line arguments. Note: This is only exploitable if t...

9.8CVSS8.2AI score0.97446EPSS
Exploits9References2
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.10 views

Craft CMS 代码注入漏洞

Craft CMS is a user-friendly, web-based content management system for creating and managing website content. Craft CMS has a security vulnerability due to the opening of registerargcargv in the PHP configuration, which can be exploited by an attacker to execute arbitrary code and take control of...

9.8CVSS7.9AI score0.97446EPSS
Exploits9References2
BDU FSTEC
BDU FSTEC
added 2024/06/28 12:0 a.m.4 views

The vulnerability of the composer.phar file of the PHP Composer dependency manager allows a attacker to execute arbitrary commands.

The vulnerability of the composer.phar file of the PHP Composer dependency manager is related to the registerargcargv function in php.ini. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS7.5AI score0.0139EPSS
Exploits0References10Affected Software4
OSV
OSV
added 2023/09/29 8:15 p.m.6 views

UBUNTU-CVE-2023-43655

Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has registerargcargv enabled in php.ini. Versions 2.6.4, 2.2.22 an...

8.8CVSS6.4AI score0.0139EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2023/09/29 7:33 p.m.20 views

CVE-2023-43655

Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has registerargcargv enabled in php.ini. Versions 2.6.4, 2.2.22 an...

8.8CVSS9.1AI score0.0139EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/01/02 12:0 a.m.41 views

Cacti cmd.php Multiple Parameter SQL Injection Arbitrary Command Execution

The remote host is running Cacti, a web-based, front end to RRDTool for network graphing. The version of Cacti on the remote host does not properly check to ensure that the 'cmd.php' script is being run from a commandline and fails to sanitize user-supplied input before using it in database...

7.5CVSS9.1AI score0.02443EPSS
Exploits0References4
OSV
OSV
added 2006/12/28 9:28 p.m.1 views

DEBIAN-CVE-2006-6799

SQL injection vulnerability in Cacti 0.8.6i and earlier, when registerargcargv is enabled, allows remote attackers to execute arbitrary SQL commands via the 1 second or 2 third arguments to cmd.php. NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are...

7.5CVSS8.8AI score0.02443EPSS
Exploits0References1
Rows per page
Query Builder