35 matches found
PHP 5.6.x < 5.6.19 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.19. It is, therefore, affected by multiple vulnerabilities: - A use-after-free error exists in file ext/wddx/wddx.c in the php_wddx_pop_element function when handling XML data. An unauthenticated,...
CVE-2014-9767
CVE-2014-9767 is a directory traversal vulnerability in PHP’s ZipArchive::extractTo (ext/zip/php_zip.c) and HHVM’s ext/zip/ext_zip.cpp. It affects PHP versions before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, as well as HHVM before 3.12.1, allowing remote attackers to create arbitrary...
CVE-2014-9767
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive...
PHP 7.0.x < 7.0.4 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.4. It is, therefore, affected by multiple vulnerabilities: - A type confusion error exists in file ext/soap/php_http.c in the make_http_soap_request function when handling cookie data. An...
CVE-2014-9767
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive...
PHP <5.2.6 ZipArchive::extractTo() Function .zip File Directory Traversal Vulnerability
No description provided by source...
PHP extractTo Function Makes Unauthorized Directories Writable
No description provided by source...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : php5 vulnerabilities (USN-720-1)
It was discovered that PHP did not properly enforce php_admin_value and php_admin_flag restrictions in the Apache configuration file. A local attacker could create a specially crafted PHP script that would bypass intended security restrictions. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8....
CVE-2008-5658
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences...
Directory traversal
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences...
CVE-2008-5658
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences...
CVE-2008-5658
CVE-2008-5658: A directory traversal vulnerability in PHP 5.2.6 and earlier affects ZipArchive::extractTo, allowing a context-dependent attacker to write arbitrary files via a ZIP entry name containing .. sequences. The initial description identifies the affected software as PHP 5.2.6 and...
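PHP ZipArchive::extractTo() Function .zip File Directory Traversal Vulnerability
BUGTRAQ ID: 32625 PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded in HTML. The zip extension bundled with PHP uses ZipArchive::extractTo to extract user-uploaded zip archives into a temporary directory, but it does not correctly filter the file names stored in the archive during extraction, so extracting a zip archive that contains relative file names may create or overwrite files outside the temporary directory. PHP 5.2.7 PHP --- The vendor has not yet provided a patch or upgrade; users of this software are advised to watch the vendor's home page for the latest version: http://www.php.net...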
PHP ZipArchive::extractTo() directory traversal
Directory traversal when unpacking ZIP files...
SE-2008-06.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP ZipArchive::extractTo Directory Traversal Vulnerability Release Date: 2008/12/04 Last Modified: 2008/12/04 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 5 =...