88 matches found
Mandrake Security Advisory MDVSA-2009:188 (php4-eaccelerator)
The remote host is missing an update to php4-eaccelerator announced via advisory MDVSA-2009:188. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
eAccelerator encoder.php File Backup
The remote web server appears to be using eAccelerator, an open source extension for PHP designed to accelerate, optimize, and cache PHP scripts. The script 'encoder.php' included with the installation of eAccelerator on the remote host fails to sanitize user-supplied input to the 'source' and...
CVE-2009-2353
encoder.php in eAccelerator allows remote attackers to execute arbitrary code by copying a local executable file to a location under the web root via the -o option, and then making a direct request to this file, related to upload of image files...
Design/Logic Flaw
encoder.php in eAccelerator allows remote attackers to execute arbitrary code by copying a local executable file to a location under the web root via the -o option, and then making a direct request to this file, related to upload of image files...
CVE-2009-2353
encoder.php in eAccelerator allows remote attackers to execute arbitrary code by copying a local executable file to a location under the web root via the -o option, and then making a direct request to this file, related to upload of image files...
CVE-2009-2353
CVE-2009-2353 affects the PHP extension eAccelerator (encoder.php). The vulnerability arises when encoder.php copies a local executable file to a location under the web root via the -o option, and a subsequent direct HTTP request to that file allows remote code execution. Documentation in multipl...
eAccelerator encoder files backup Vulnerability
eAccelerator encoder files backup Vulnerability 1.Description eAccelerator is a free open-source PHP accelerator, optimizer, and dynamic content cache. It increases the performance of PHP scripts by caching them in their compiled state, so that the overhead of compiling is almost completely...
phpBB 2.0.16 released
Hi everyone, phpBB Group announces the release of phpBB 2.0.16. This release addresses some bugfixes and one critical security issue. To fix this, please apply the following change: In viewtopic.php Find: $message = strreplace'"', '"', substr@pregreplace'?^+|?Rse', "@pregreplace'b" . strreplace''...