EUVD-2004-1389

Malware in sbrugna...

Oracle Solaris Third-Party Patch Update : php (cve_2013_4113_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID. CVE-2011-4718 - Unspecified vulnerability in the...

PHP < 5.2.12 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is older than 5.2.12. Such versions may be affected by several security issues : - It is possible to bypass the 'safemode' configuration setting using 'tempnam'. CVE-2009-3557 - It is possible to bypass the 'openbasedir'...

vhcs-root.txt

!/usr/bin/php -q http://acid-root.new.fr/ [email protected] Exploit: + Logged in Administrator + The administrator has 2 resellers / Changing dareseller's password / Trying to connect as dareseller:thatpwnz + Login successful + The reseller has 2 users + Host domaintest.fr is connected /...

VHCS 2.4.7.1 - &#039;vhcs2_daemon&#039; Remote Code Execution

!/usr/bin/php -q http://acid-root.new.fr/ [email protected] Exploit: + Logged in Administrator + The administrator has 2 resellers / Changing dareseller's password / Trying to connect as dareseller:thatpwnz + Login successful + The reseller has 2 users + Host domaintest.fr is connected /...

CVE-2004-1392

PHP 4.0 with cURL functions allows remote attackers to bypass the openbasedir setting and read arbitrary files via a file: URL argument to the curlinit function...