
50 matches found

SUSE CVE
added 2023/02/15 6:8 a.m. | 1 views

SUSE CVE-2008-2051

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...

CVSS 10 | AI score 7.1 | EPSS 0.05782
Exploits 0 | References 5

Packet Storm
added 2021/03/15 12:0 a.m. | 203 views

MagpieRSS 0.72 Code Execution / Server-Side Request Forgery

Exploit Title: MagpieRSS 0.72 - 'url' Command Injection and Server Side Request Forgery Date: 24 March 2021 Exploit Author: bl4ckh4ck5 Vendor Homepage: http://magpierss.sourceforge.net/ Software Link:...

AI score 0.7
Exploits 0

Exploit DB
added 2021/03/15 12:0 a.m. | 251 views

MagpieRSS 0.72 - 'url' Command Injection

Exploit Title: MagpieRSS 0.72 - 'url' Command Injection and Server Side Request Forgery Date: 24 March 2021 Exploit Author: bl4ckh4ck5 Vendor Homepage: http://magpierss.sourceforge.net/ Software Link:...

AI score 7.4
Exploits 0

Veracode
added 2020/04/10 12:22 a.m. | 37 views

Arbitrary Command Execution

php is vulnerable to arbitrary command execution. The vulnerability exists as it was discovered that the PHP escapeshellcmd function did not properly escape multi-byte characters which are not valid in the locale used by the script. This could allow an attacker to bypass quoting restrictions...

CVSS 10 | AI score 2.7 | EPSS 0.05782
Exploits 0 | References 46 | Affected Software 14

Tenable Nessus
added 2019/01/09 12:0 a.m. | 49 views

PHP 5.6.x < 5.6.18 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.18. It is, therefore, affected by multiple vulnerabilities : - The Perl-Compatible Regular Expressions PCRE library is affected by multiple vulnerabilities related to the handling of regular...

CVSS 10 | AI score 9.2 | EPSS 0.10282
Exploits 3 | References 11

Friends Of PHP
added 2017/05/15 9:9 a.m. | 11 views

Remote Code Execution

$highlight = Pygmentize::highlight'?php phpinfo;', ';uname -a '; printr$highlight; This will produce the following output: Darwin Micheals-MBP 16.1.0 Darwin Kernel Version 16.1.0: Thu Oct 13 21:26:57 PDT 2016; root:xnu-3789.21.360/RELEASEX8664 x8664 The problem lines appear to be here:...

AI score 7
Exploits 0 | Affected Software 1

UbuntuCve
added 2017/04/20 2:59 p.m. | 21 views

CVE-2017-7692

SquirrelMail 1.4.22 and other versions before 201704270200-SVN allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server. The problem is in the...

CVSS 9 | AI score 7.8 | EPSS 0.15952
Exploits 7 | References 2

NVD
added 2017/04/20 2:59 p.m. | 17 views

CVE-2017-7692

SquirrelMail 1.4.22 and other versions before 201704270200-SVN allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server. The problem is in the...

CVSS 9 | AI score 9.2 | EPSS 0.15952
Exploits 7 | References 8

CVE
added 2017/04/20 2:0 p.m. | 123 views

CVE-2017-7692

CVE-2017-7692 affects SquirrelMail up to 1.4.22 (and likely older in SVN builds) where the sendmail delivery path mishandles a user-controlled sendmail.cf via a popen call. The root cause is the use of escapeshellcmd() in Deliver_SendMail.class.php/initStream, which fails to escape spaces, enabli...

CVSS 9 | AI score 9 | EPSS 0.15952
In wild | Exploits 7 | References 8 | Affected Software 1

myhack58
added 2016/12/17 12:0 a.m. | 231 views

The Nagios Core code execution vulnerability, CVE-2016-9565 analysis-vulnerability warning-the black bar safety net

Author: p0wd3r, dawu (Knownsec 404 Security Lab) Date: 2016-12-15 0x00 Vulnerability overview 1. Vulnerability description Nagios is a program for monitoring IT infrastructure. Recently, security researcher Dawid Golunski found a code execution vulnerability in Nagios Core: an...

CVSS 10 | AI score 9 | EPSS 0.21018
Exploits 12

Tenable Nessus
added 2016/02/29 12:0 a.m. | 24 views

Tenable SecurityCenter PHP Character Handling (TNS-2015-09)

The SecurityCenter application installed on the remote host contains a bundled version of PHP that is prior to 5.4.43. It is, therefore, affected by an exclamation mark character handling issue in the escapeshellcmd and escapeshellarg PHP functions. A remote attacker can exploit this to substitut...

AI score 5.7
Exploits 0 | References 5

Tenable Nessus
added 2016/02/11 12:0 a.m. | 121 views

PHP 7.0.x < 7.0.3 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.3. It is, therefore, affected by multiple vulnerabilities : - The Perl-Compatible Regular Expressions PCRE library is affected by multiple vulnerabilities related to the handling of regular...

CVSS 10 | AI score 8.9 | EPSS 0.10282
Exploits 4 | References 12

Tenable Nessus
added 2015/10/07 12:0 a.m. | 46 views

PHP 5.4.x < 5.4.43 / 5.5.x < 5.5.27 / 5.6.x < 5.6.11 Multiple Vulnerabilities (BACKRONYM)

Binary data 8953.prm...

CVSS 10 | AI score 7.9 | EPSS 0.10384
Exploits 1 | References 9

Tenable Nessus
added 2013/07/12 12:0 a.m. | 57 views

Oracle Linux 4 : php (ELSA-2008-0545)

From Red Hat Security Advisory 2008:0545 : Updated php packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...

CVSS 10 | AI score 7.8 | EPSS 0.06231
Exploits 3 | References 7

0day.today
added 2012/11/14 12:0 a.m. | 12 views

Narcissus Remote Command Execution Vulnerability

Exploit for php platform in category web applications Discovered by dun \ posdubatgmail.com 2012-11-13 Narcissus Remote Command Execution Vulnerability Script: "Narcissus - Online image builder for the angstrom distribution" Vendor: http://www.angstrom-distribution.org/ Download:...

AI score 7.1
Exploits 0

Tenable Nessus
added 2012/08/01 12:0 a.m. | 32 views

Scientific Linux Security Update : php on SL5.x i386/x86_64

It was discovered that the PHP escapeshellcmd function did not properly escape multi-byte characters which are not valid in the locale used by the script. This could allow an attacker to bypass quoting restrictions imposed by escapeshellcmd and execute arbitrary commands if the PHP script was usi...

CVSS 10 | AI score 8 | EPSS 0.06231
Exploits 3 | References 7

seebug.org
added 2011/04/28 12:0 a.m. | 14 views

PHP <4.4.8, 5.2.x<5.2.6 escapeshellcmd denial-of-service vulnerability

No description provided by source...

AI score 7.1
Exploits 0

myhack58
added 2011/04/26 12:0 a.m. | 23 views

PHP code execution vulnerability references summary-vulnerability warning-the black bar safety net

A code execution function In PHP you can execute the Code of the function. Such as eval , assert , theand system and exec and shellexec and passthru and escapeshellcmd and pcntlexec , etc. demo code 1.1: The second file contains the code injection The file containing the function in the specific...

Exploits 0

Gentoo Linux
added 2009/11/26 12:0 a.m. | 20 views

PEAR Net_Traceroute: Command injection

Background PEAR Net_Traceroute is an OS independent wrapper class for executing traceroute calls from PHP. Description Pasquale Imperato reported that the $host parameter to the traceroute function in Traceroute.php is not properly sanitized before being passed to exec. Impact A remote attacker...

CVSS 10 | AI score 6.8 | EPSS 0.05802
Exploits 0

exploitpack
added 2009/09/07 12:0 a.m. | 11 views

MundiMail 0.8.2 - Remote Code Execution

MundiMail 0.8.2 - Remote Code Execution Reference: http://www.ccat.edu.mx/advisors/advisor5/advisor5.html Credits: Ccat Research Labs - México - Coatepec, Ver. www.ccat.edu.mx Software Link: http://sourceforge.net/projects/mundimail/ Tested on: Debian, Centos & Windows Server 2000 Preview: Code...

AI score 0.2
Exploits 0