13 matches found
Exploit for OS Command Injection in Php
PHP-CGI Injector 🚀 CVE-2024-4577 & CVE-2024-8926 Exploit To...
Azure Linux 3.0 Security Update: php (CVE-2024-8926)
The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8926 advisory. - In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using a certain non- standard...
CBL Mariner 2.0 Security Update: php (CVE-2024-8926)
The version of php installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8926 advisory. - In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using a certain non- standard...
Slackware Linux 15.0 php81 Multiple Vulnerabilities (SSA:2024-297-01)
The version of php81 installed on the remote host is prior to 8.1.30. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-297-01 advisory. New php81 packages are available for Slackware 15.0 to fix security issues. Tenable has extracted the preceding description...
CVE-2024-8926
In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using a certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 https://github.com/advisories/GHSA-vxpp-6299-mxw3 may still be bypassed and the same command injection related to Windows...
Fedora: Security Advisory (FEDORA-2024-7c800c4df7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : php (2024-7c800c4df7)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-7c800c4df7 advisory. PHP version 8.2.24 26 Sep 2024 CGI: Fixed bug GHSA-p99j-rfp4-xqvq Bypass of CVE-2024-4577, Parameter Injection Vulnerability. CVE-2024-8926 nielsdos...
PHP 8.3.x < 8.3.12 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.30, 8.2.x prior to 8.2.24, or 8.3.x prior to 8.3.12. It is, therefore, affected by multiple vulnerabilities: - Parameter injection vulnerability with a bypass of CVE-2024-4577...
Debian: Security Advisory (DSA-5780-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-2b429e720e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : php (2024-2b429e720e)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2b429e720e advisory. PHP version 8.3.12 26 Sep 2024 CGI: Fixed bug GHSA-p99j-rfp4-xqvq Bypass of CVE-2024-4577, Parameter Injection Vulnerability. CVE-2024-8926 nielsdos...
Debian dsa-5780 : libapache2-mod-php8.2 - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5780 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5780-1 [email protected] https://www.debian.org/securit...
PHP < 8.1.30, 8.2.x < 8.2.24, 8.3.x < 8.3.12 Multiple Vulnerabilities - Windows
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...