75 matches found
CVE-2023-53944
EasyPHP Webserver 14.1 contains a path traversal vulnerability that allows remote users with low privileges to access files outside the document root by bypassing SecurityManager restrictions. Attackers can send GET requests with encoded directory traversal sequences like /..%5c..%5c to read syst...
CVE-2023-53941
EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads through the appservicecontrol parameter. Attackers can send POST requests to /index.php?zone=settings with crafted...
CVE-2023-53944
EasyPHP Webserver 14.1 contains a path traversal vulnerability that allows remote users with low privileges to access files outside the document root by bypassing SecurityManager restrictions. Attackers can send GET requests with encoded directory traversal sequences like /..%5c..%5c to read syst...
CVE-2023-53944
EasyPHP Webserver 14.1 contains a path traversal vulnerability that allows remote users with low privileges to access files outside the document root by bypassing SecurityManager restrictions. Attackers can send GET requests with encoded directory traversal sequences like /..%5c..%5c to read syst...
CVE-2023-53941
EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads through the appservicecontrol parameter. Attackers can send POST requests to /index.php?zone=settings with crafted...
CVE-2023-53941
EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads through the appservicecontrol parameter. Attackers can send POST requests to /index.php?zone=settings with crafted...
CVE-2023-53944 EasyPHP Webserver 14.1 Path Traversal via Directory Traversal Sequences
EasyPHP Webserver 14.1 contains a path traversal vulnerability that allows remote users with low privileges to access files outside the document root by bypassing SecurityManager restrictions. Attackers can send GET requests with encoded directory traversal sequences like /..%5c..%5c to read syst...
CVE-2023-53944 EasyPHP Webserver 14.1 Path Traversal via Directory Traversal Sequences
EasyPHP Webserver 14.1 contains a path traversal vulnerability that allows remote users with low privileges to access files outside the document root by bypassing SecurityManager restrictions. Attackers can send GET requests with encoded directory traversal sequences like /..%5c..%5c to read syst...
CVE-2023-53944
EasyPHP Webserver 14.1 is affected by a path traversal vulnerability (CVE-2023-53944) that allows remote low-privilege users to read files outside the document root by bypassing SecurityManager. The documented payload involves crafted GET requests with encoded directory traversal sequences such a...
CVE-2023-53941 EasyPHP Webserver 14.1 Remote Code Execution
EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads through the appservicecontrol parameter. Attackers can send POST requests to /index.php?zone=settings with crafted...
CVE-2023-53941 EasyPHP Webserver 14.1 Remote Code Execution
EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads through the appservicecontrol parameter. Attackers can send POST requests to /index.php?zone=settings with crafted...
PT-2025-52320
Name of the Vulnerable Software and Affected Versions EasyPHP Webserver version 14.1 Description An unauthenticated attacker can execute arbitrary system commands. This is possible by injecting malicious payloads through the app service control parameter. Attackers can send POST requests to the...
EasyPHP Webserver 安全漏洞
EasyPHP Webserver is an EasyPHP open source platform where you can build a development environment. A security vulnerability exists in EasyPHP Webserver version 14.1, which stems from a path traversal vulnerability that could lead to reading system files...
PT-2025-52323
Name of the Vulnerable Software and Affected Versions EasyPHP Webserver version 14.1 Description A path traversal flaw exists in EasyPHP Webserver that permits unauthenticated remote users with limited privileges to access files beyond the intended document root. This is achieved by circumventing...
EasyPHP Webserver 操作系统命令注入漏洞
EasyPHP Webserver is an EasyPHP open source platform that can build development environments. An operating system command injection vulnerability exists in EasyPHP Webserver version 14.1, which stems from OS command injection and could lead to the execution of arbitrary system commands...
EUVD-2024-33692
Malicious code in bioql PyPI...
EUVD-2023-44400
Malicious code in bioql PyPI...
CVE-2024-11215
Absolute path traversal incorrect restriction of a path to a restricted directory vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to bypass SecurityManager restrictions and retrieve any file stored on the server by setting only...
CVE-2024-11215
Absolute path traversal incorrect restriction of a path to a restricted directory vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to bypass SecurityManager restrictions and retrieve any file stored on the server by setting only...
CVE-2024-11215 Path traversal vulnerability in EasyPHP
Absolute path traversal incorrect restriction of a path to a restricted directory vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to bypass SecurityManager restrictions and retrieve any file stored on the server by setting only...