4 matches found
php: PHP-FPM Log Manipulation Vulnerability
A flaw was found in PHP-FPM, the FastCGI Process Manager. This vulnerability can allow an attacker to manipulate or remove up to 4 characters from log messages via crafted log content, potentially polluting or altering the final log. If PHP-FPM is configured to use syslog output, further log data...
php: PHP-FPM Log Manipulation Vulnerability
A flaw was found in PHP-FPM, the FastCGI Process Manager. This vulnerability can allow an attacker to manipulate or remove up to 4 characters from log messages via crafted log content, potentially polluting or altering the final log. If PHP-FPM is configured to use syslog output, further log data...
Astra Linux – Vulnerability in PHP 8.2
In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, and 8.3. before 8.3.12, when using PHP-FPM SAPI and the option catchworkersoutput is set to yes, it is possible to manipulate the log messages by removing up to 4 characters from the log messages. Additionally, if PHP-FPM is configured to us...
PHP 安全漏洞
PHP is a scripting language for PHP that executes on the server side. A security vulnerability exists in PHP that stems from the possibility of contaminating the final log or removing up to four characters from a log message by manipulating the contents of the log message...