Lucene search
K

22 matches found

Nuclei
Nuclei
added yesterday28 views

Apache2 - Transfer-Encoding Chunked XSS

Apache2 PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 contain a reflected cross-site scripting vulnerability caused by mishandling of chunked transfer-encoding requests in sapi/apache2handler/sapiapache2.c. Attackers can execute malicious scripts via crafted...

6.1CVSS6.7AI score0.04103EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2018-17082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a Transfer-Encoding:...

6.1CVSS6.6AI score0.04103EPSS
Exploits1References2
F5 Networks
F5 Networks
added 2023/02/21 7:58 p.m.62 views

K89095152: PHP vulnerability CVE-2018-17082

Security Advisory Description The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the phphandler function in...

6.1CVSS6.2AI score0.04103EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2022/06/21 4:43 p.m.15 views

demircihotel.com Cross Site Scripting vulnerability OBB-2662072

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2018:3016-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.04103EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2018:2887-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.04103EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2018:3017-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.04103EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2019/08/19 8:42 a.m.201 views

Moderate: Red Hat Security Advisory: rh-php71-php security, bug fix, and enhancement update

An update for rh-php71-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS6.9AI score0.87883EPSS
Exploits30References34
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/11 10:50 p.m.27 views

Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in PHP (CVE-2018-17082)

Summary IBM Advanced Management Module AMM has addressed the following vulnerability in PHP. Vulnerability Details CVEID: CVE-2018-17082 DESCRIPTION: PHP is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Apache2 component. A remote attacker could...

6.1CVSS1.2AI score0.04103EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.33 views

SUSE SLES12 Security Update : php7 (SUSE-SU-2018:2887-1)

This update for php7 fixes the following issues : CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753. Note that Tenable Network Security has extracted the...

6.1CVSS6.6AI score0.04103EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.33 views

SUSE SLES12 Security Update : php5 (SUSE-SU-2018:3017-1)

This update for php5 fixes the following issue : CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 Note that Tenable Network Security has extracted the...

6.1CVSS6.6AI score0.04103EPSS
Exploits1References4
Debian
Debian
added 2018/12/10 9:40 p.m.140 views

[SECURITY] [DSA 4353-1] php7.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4353-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 10, 2018 https://www.debian.org/security/faq -...

8.5CVSS8.2AI score0.9523EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2018/12/03 12:0 a.m.56 views

GLSA-201812-01 : PHP: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201812-01 PHP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PHP. Please review the referenced CVE identifiers for details. Impact : An attacker could cause a Denial of Service condition or obtain...

8.8CVSS6.4AI score0.10433EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.19 views

openSUSE: Security Advisory for php7 (openSUSE-SU-2018:3062-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.5AI score0.04103EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/10/19 12:0 a.m.64 views

Amazon Linux AMI : php56 / php70, php71, php72 (ALAS-2018-1090)

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade is mishandled in the phphandler function in sapi/apache2handler/sapiapache2.c. CVE-2018-17082...

6.1CVSS6.6AI score0.04103EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/10/09 12:0 a.m.47 views

openSUSE Security Update : php5 (openSUSE-2018-1130)

This update for php5 fixes the following issue : - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 This update was imported from the SUSE:SLE-12:Update...

6.1CVSS6.7AI score0.04103EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/10/09 12:0 a.m.30 views

SUSE SLES11 Security Update : php53 (SUSE-SU-2018:3018-1)

This update for php53 fixes the following issue : CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 Note that Tenable Network Security has extracted the...

6.1CVSS6.6AI score0.04103EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/10/09 12:0 a.m.27 views

openSUSE Security Update : php7 (openSUSE-2018-1131)

This update for php7 fixes the following issues : This security issue was fixed : - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a 'Transfer-Encoding: chunked' request, because the bucket brigade was mishandled in the phphandler function bsc1108753 This non-security...

6.1CVSS6.7AI score0.04103EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2018/10/07 12:0 a.m.22 views

openSUSE: Security Advisory for php5 (openSUSE-SU-2018:3056-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.5AI score0.04103EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/09/28 12:0 a.m.42 views

openSUSE: Security Advisory for php7 (openSUSE-SU-2018:2929-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.5AI score0.04103EPSS
Exploits1References2
Rows per page
Query Builder