75 matches found
PHP < 4.4.5/5.2.1 - 'shmop' SSL RSA Private-Key Disclosure
?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...
PHP wddx_deserialize() String Append Crash Exploit
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || // // | |/ || '|/ |/ -| ' / -/ |||| /| || / //...
PHP < 4.4.5 / 5.2.1 php_binary Session Deserialization Information Leak
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...
PHP 4.4.55.2.1 - PHP_binary Session Deserialization Information Leak
PHP 4.4.55.2.1 - PHPbinary Session Deserialization Information Leak ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept...
PHP 5 - 'wddx_deserialize()' String Append Crash
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC "; ? milw0rm.com 2007-03-04...
PHP < 4.4.5/5.2.1 - WDDX Session Deserialization Information Leak
A1"; $keys = arraykeys$SESSION; $stackdump = $keys1; echo "Stackdump\n---------\n\n"; for $b=0; $...
PHP 4.4.4 - Unserialize() ZVAL Reference Counter Overflow (PoC)
PHP 4.4.4 - Unserialize ZVAL Reference Counter Overflow PoC ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code...
PHP <= 4.4.4 unserialize() ZVAL Reference Counter Overflow Exploit PoC
Exploit for linux platform in category dos / poc ====================================================================== PHP = 4.4.4 unserialize ZVAL Reference Counter Overflow Exploit PoC ====================================================================== ?php...
PHP <= 4.4.4 unserialize() ZVAL Reference Counter Overflow Exploit PoC
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...
PHP 4.4.4 - 'Unserialize()' ZVAL Reference Counter Overflow (PoC)
?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...
PHP 4 - Userland ZVAL Reference Counter Overflow (PoC)
PHP 4 - Userland ZVAL Reference Counter Overflow PoC Refcount drops down to 0...
Fedora Core 6 : php-5.1.6-3.1.fc6 (2006-1169)
This update fixes a security vulnerability in PHP. The Hardened-PHP Project discovered an overflow in the PHP htmlentities and htmlspecialchars routines. If a PHP script used the vulnerable functions to parse UTF-8 data, a remote attacker sending a carefully crafted request could trigger the...
WordPress 2.0.5 - Trackback UTF-7 SQL Injection
WordPress 2.0.5 - Trackback UTF-7 SQL Injection !/usr/bin/python | || | | | | | | | || || \ | |/ || '|/ |/ -| ' \ / -/ |||| /| || / ||||,||| ,|||||||,| || |||||| Proof of concept code from the Hardened-PHP Project NOT FOR DISTRIBUTION PLEASE DO NOT SPREAD THIS CODE -= Wordpress 2.0.5 =-...
Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ============================================================ Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit ============================================================ !/usr/bin/python | || | | | | | | | || || \ | |/ || '|/...
Important: Red Hat Security Advisory: php security update
Updated PHP packages that fix a security issue are now available for the Red Hat Application Stack. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. The...
php security update
CentOS Errata and Security Advisory CESA-2006:0730 Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP...
RHEL 2.1 / 3 / 4 : php (RHSA-2006:0730)
Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. The Hardened-PHP Project discovered an...
[Full-disclosure] Advisory 12/2006: phpMyAdmin - error.php XSS Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: phpMyAdmin - error.php XSS Vulnerability Release Date: 2006/11/02 Last Modified: 2006/11/02 Author: Stefan Esser [email protected] Application: phpMyAdmin = 2.9.0.2...
PHP open_basedir with symlink() function Race Condition PoC exploit
/ -------------------------------------------------------- Neo Security Team NST - Advisory 26 - 09/10/06 -------------------------------------------------------- Program: PHP Homepage: http://www.php.net Vulnerable Versions: PHP 3, 4, 5 Risk: High! Impact: Critical Risk -==PHP openbasedir with...
Advisory 09/2006: PHP unserialize() Array Creation Integer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHP unserialize Array Creation Integer Overflow Release Date: 2006/10/09 Last Modified: 2006/10/09 Author: Stefan Esser [email protected] Application: PHP 5 = 5.1.6, PHP...