CVE-2017-5333

Integer overflow in the extractgroupiconcursorresource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash or execute arbitrary code via a crafted executable file...

CVE-2011-0420

The graphemeextract function in the Internationalization extension Intl for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service crash via an invalid size argument, which triggers a NULL pointer dereference...

PHP < 5.2.15 Security Bypass Vulnerability

PHP is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

CVE-2011-0752

The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...

Design/Logic Flaw

The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...

CVE-2011-0752

The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...

CVE-2011-0752

PHP 5.2.x before 5.2.15 is affected by an exploit in the extract function where EXTR_OVERWRITE can overwrite the GLOBALS array and the this variable, enabling context‑dependent attackers to bypass access restrictions by modifying data structures. The issue is tied to previous CVEs (2005/2006) and...

CVE-2011-0752

The extract function in PHP before 5.2.15 does not prevent use of the EXTROVERWRITE parameter to overwrite 1 the GLOBALS superglobal array and 2 the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended t...

PHP 5.2.x < 5.2.15 Multiple Vulnerabilities

Binary data 801097.prm...

PHP 5.2 < 5.2.15 Multiple Vulnerabilities

According to its banner, the version of PHP 5.2 installed on the remote host is older than 5.2.15. Such versions may be affected by several security issues : - A crash in the zip extract method. - A possible double free exists in the imap extension. CVE-2010-4150 - An unspecified flaw exists in...

mysql_error() XSS Vulnerability

不正确使用mysqlerror导致的Vul。当然前提是$db可以覆盖，那么就很鸡肋了，或者就不能叫Vul了，O∩∩OJust For Fun mysqlerror http://hi.baidu.com/menzhi007/blog/item/7583dc0390316d7d3912bbbf.html ?php $db='menzhi007'; extract$GET; $link = mysqlconnect"localhost", "root", ""; mysqlselectdb$db, $link; echo mysqlerror$link; ?...

e107 download.php &quot;extract()&quot;漏洞

CNCAN ID：CNCAN-2008081109 e107是一款基于PHP的WEB应用程序。 e107不正确处理用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息或操作数据库。 问题是由于'download.php'脚本不安全使用"extract"函数，允许通过POST方法传递输入来覆盖任意变量，这可导致修改部分SQL查询并执行任意PHP代码。 e107 0.x E107 CVS库已经修正此漏洞： http://e107.org/...

Phpcms 2 0 0 7 remote file inclusion vulnerability-vulnerability warning-the black bar safety net

zzPhpcms 2 0 0 7 remote file include vulnerability url:http://www. wolvez. org/forum/redirect. php? tid=1 8 2&goto=lastpost This vulnerability is a more common variable coverage holes, where the transfer is due to the discovery of this vulnerability if it is a white box that you want to have a...

Fuzzylime CMS 3.01 - &#039;commrss.php&#039; Remote Code Execution

Conditions: None Greetz: Inphex, hEEGy and austeN Explanations Ok, so today we will go for a walk in the fuzzylime cms maze ... Finding vulns was easy, but finding a no condition vuln was quite harder ... First, we look to the code/content.php file:...

Phpcms 2007 common.inc.php远程文件包含漏洞

该cms的核心配置文件/include/common.inc.php有缺陷 -------------------------------------------- //23行开始 @extract$POST, EXTROVERWRITE; @extract$GET, EXTROVERWRITE; unset$POST, $GET; ------------------------------------------------ 这里extract函数会导致变量覆盖，可能引发一系列的问题...

AZL-6828 CVE-2007-4559 affecting package python3 for versions less than 3.9.19-1

Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...

AZL-6822 CVE-2007-4559 affecting package python2 for versions less than 2.7.18-8

Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...

PSF-2007-2 Directory path traversal in extract() and extractall() tarfile functions via '..' (dot dot) sequences

Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...

CVE-2007-0975

CVE-2007-0975 affects Ian Bezanson Apache Stats prior to 0.0.3 beta. The vulnerability is a variable extraction issue: the extract function on the _REQUEST superglobal can overwrite critical variables. The impact is stated as unknown in the source material. CVSS 2.0 base score is 5.0 (Medium). No...

Design/Logic Flaw

Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function...