CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-2051

Malware in sbrugna...

7.5CVSS6.4AI score0.01963EPSS

Exploits0References4

Friends Of PHP•added 2018/04/16 5:23 p.m.•9 views

Crypt encryption compromised.

More info at https://fuelphp.com/security-advisories...

7.2AI score

Exploits0Affected Software1

Friends Of PHP•added 2016/09/27 8:6 a.m.•9 views

ImageMagick driver does not escape all shell arguments.

More info at https://fuelphp.com/security-advisories...

0.4AI score

Exploits0Affected Software1

NVD•added 2014/07/20 11:12 a.m.•9 views

CVE-2014-1999

The auto-format feature in the RequestCurl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response...

7.5CVSS7.5AI score0.01963EPSS

Exploits0References3

ATTACKERKB•added 2014/07/20 11:12 a.m.•1 views

CVE-2014-1999

The auto-format feature in the RequestCurl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response...

7.5CVSS6.2AI score0.01963EPSS

Exploits0References4

Prion•added 2014/07/20 11:12 a.m.•12 views

Format string

The auto-format feature in the RequestCurl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response...

7.5CVSS8.1AI score0.01963EPSS

Exploits0References3Affected Software1

Cvelist•added 2014/07/20 10:0 a.m.•13 views

CVE-2014-1999

The auto-format feature in the RequestCurl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response...

7.5AI score0.01963EPSS

Exploits0References3

CVE•added 2014/07/20 10:0 a.m.•49 views

CVE-2014-1999

CVE-2014-1999 affects FuelPHP’s Request_Curl class (versions 1.1–1.7.1) where an auto-format feature can process crafted responses and lead to arbitrary code execution on the application server. The root cause is unsafe auto-formatting of curl responses, enabling remote code execution when untrus...

7.5CVSS7.8AI score0.01963EPSS

Exploits0References3Affected Software1

Japan Vulnerability Notes•added 2014/07/18 4:50 a.m.•5 views

FuelPHP vulnerable to remote code execution

Overview FuelPHP is a PHP web framework for creating web applications. FuelPHP applications contain an issue in the RequestCurl class, which may result in arbitrary code execution. Masaaki Chida of GREE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

7.5CVSS7.9AI score0.01963EPSS

Exploits0References6

Japan Vulnerability Notes•added 2014/07/18 12:0 a.m.•32 views

JVN#94791545: FuelPHP vulnerable to remote code execution

FuelPHP is a PHP web framework for creating web applications. FuelPHP applications contain an issue in the RequestCurl class, which may result in arbitrary code execution. Impact When specially crafted input is processed, arbitrary files may be deleted or arbitrary code may be executed on the...

7.5CVSS7AI score0.01963EPSS

Exploits0

FuelPHP•added 2013/08/24 12:0 a.m.•21 views

xss_clean() doesn't clean unicode EM-spaces

On some browsers, this can cause javascript execution if send unencoded to the browser. Since FuelPHP encodes everything send to a view by default, we don't think it's an immediate risk. All released versions are affected. XSS cleaning in FuelPHP is done by the external library htmlLawed. We have...

6.3AI score

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by