PHP <= 5.2.1 substr_compare() Information Leak Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP < 4.4.5 / 5.2.1 WDDX Session Deserialization Information Leak

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP < 4.4.5 / 5.2.1 _SESSION unset() Local Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP <= 4.4.6 / 5.2.1 ext/gd Already Freed Resources Usage Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP <= 4.4.4 unserialize() ZVAL Reference Counter Overflow Exploit PoC

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP < 4.4.5 / 5.2.1 (shmop) SSL RSA Private-Key Disclosure Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

CentOS 3 / 4 : php (CESA-2006:0730)

Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. The Hardened-PHP Project discovered an...

PHP 5.2.1 - Multiple functions &#039;Reference&#039; Information Disclosures

source: https://www.securityfocus.com/bid/23202/info PHP is prone to an information-disclosure vulnerability due to a design error. The vulnerability resides in various functions that accept parameters as references. Successful exploits will allow attackers to obtain sensitive information...

PHP 4.4.5 / 4.4.6 session_decode() Double Free Exploit PoC

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || // // | |/ || '|/ |/ -| ' / -/ |||| /| || / //...

PHP 4.4.4 - &#039;Zip_Entry_Read()&#039; Integer Overflow

source: https://www.securityfocus.com/bid/23169/info PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a heap-based buffer overflow. Exploiting this issue may allow attackers to execute...

MOPB-sessionunset.txt

?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...

PHP &lt; 4.4.5 / 5.2.1 _SESSION unset() Local Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || // // | |/ || '|/ |/ -| ' / -/ |||| /| || / //...

PHP &lt; 4.4.5/5.2.1 - &#039;_SESSION unset()&#039; Local Overflow

?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...

PHP &lt; 4.4.5 / 5.2.1 _SESSION Deserialization Overwrite Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP &lt; 4.4.5 / 5.2.1 _SESSION unset() Local Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP &lt;= 5.2.1 hash_update_file() Freed Resource Usage Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | \| || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / //...

PHP &lt;= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / //...

PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit

Exploit for linux platform in category local exploits ===================================================================== PHP = 4.4.6 / 5.2.1 arrayuserkeycompare ZVAL dtor Local Exploit ===================================================================== ?php...

PHP 4.4.65.2.1 - array_user_key_compare() ZVAL dtor Local Overflow

PHP 4.4.65.2.1 - arrayuserkeycompare ZVAL dtor Local Overflow ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code...