Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.22 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : PHP vulnerabilities (USN-8336-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8336-1 advisory. Aleksey Solovev and Nikita Sveshnikov discovered that PHP improperly handled NUL bytes when preparing SQL queries in the...

9.8CVSS6.2AI score0.0078EPSS
Exploits1References10
Ubuntu
Ubuntu
added 2026/05/28 1:31 p.m.21 views

USN-8336-1: PHP vulnerabilities

Aleksey Solovev and Nikita Sveshnikov discovered that PHP improperly handled NUL bytes when preparing SQL queries in the PDO Firebird driver. An attacker could possibly use this issue to perform SQL injection attacks. CVE-2025-14179 It was discovered that PHP incorrectly handled certain encoding...

9.8CVSS6.2AI score0.0078EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.16 views

PT-2026-40305

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

8.8CVSS6.2AI score0.0021EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/05/10 5:16 a.m.9 views

CVE-2026-6735

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

8.8CVSS6AI score0.0021EPSS
Exploits1References2
OSV
OSV
added 2026/05/10 5:16 a.m.8 views

UBUNTU-CVE-2026-6735

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

8.8CVSS6.2AI score0.0021EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/10 3:27 a.m.12 views

EUVD-2026-28967

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

8.8CVSS6.2AI score0.0021EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/05/10 3:27 a.m.16 views

CVE-2026-6735

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

8.8CVSS6.2AI score0.0021EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/05/10 3:27 a.m.9 views

CVE-2026-6735

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

8.8CVSS6.2AI score0.0021EPSS
Exploits1
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.10 views

PHP 跨站脚本漏洞

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 had a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of user data, allowing attackers to construct URLs that allowed arbitrary...

8.8CVSS5.9AI score0.0021EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.23 views

PT-2026-39445

Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description Improper sanitation of user data allows an attacker to compose a URL that executes arbitrary...

9.8CVSS6AI score0.0078EPSS
Exploits1References99
Rows per page
Query Builder