10 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-6175
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...
FreeBSD : tt-rss -- multiple vulnerabilities (2eec1e85-faf3-11ea-8ac0-4437e6ad11c4)
tt-rss project reports : The cachedurl feature mishandles JavaScript inside an SVG document. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUEST'url' in an error message. It does not validate all URLs before requesting them. Allows remote attackers to execute arbitrary PHP code via a...
CVE-2016-6175
Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...
CVE-2016-6175
Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...
CVE-2016-6175
The vulnerability CVE-2016-6175 affects php-gettext up to version 1.0.12, where eval injection in the plural forms header allows remote attackers to execute arbitrary PHP code. Exploitation is evidenced by an in-the-wild exploit (Exploit-DB entry) and multiple security feeds. The issue is caused ...
CVE-2016-6175
Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...
PHP gettext 1.0.12 Code Execution
CVE-2016-6175 gettext.php | @kmkzsecurity Project Homepage: https://launchpad.net/php-gettext/ Download: https://launchpad.net/php-gettext/trunk/1.0.12/+download/php-gettext-1.0.12.tar.gz Version: 1.0.12 latest release Tested on: Linux Debian, PHP 5.6.19-2+b1 CVSS: 7.1 OVE ID: OVE-20160705-0004 C...
CVE-2016-6175
creationtimestamp| type| source ---|---|--- 2016-07-25 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40154...
PHP gettext 1.0.12 - (gettext.php) Unauthenticated Code Execution
Exploit for php platform in category web applications CVE-2016-6175 gettext.php | @kmkzsecurity Project Homepage: https://launchpad.net/php-gettext/ Download: https://launchpad.net/php-gettext/trunk/1.0.12/+download/php-gettext-1.0.12.tar.gz Version: 1.0.12 latest release Tested on: Linux Debian,...
PHP gettext 1.0.12 - 'gettext.php' Code Execution
CVE-2016-6175 gettext.php | @kmkzsecurity Project Homepage: https://launchpad.net/php-gettext/ Download: https://launchpad.net/php-gettext/trunk/1.0.12/+download/php-gettext-1.0.12.tar.gz Version: 1.0.12 latest release Tested on: Linux Debian, PHP 5.6.19-2+b1 CVSS: 7.1 OVE ID: OVE-20160705-0004 C...