SPIP 4.2.12 Code Execution

============================================================================================================================================= | Title : SPIP 4.2.12 PHP Code execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits ...

Traidnt up 2.0 (report.php trtext) Blind SQL Injection Vulnerability

Traidnt up is a php online upload script assignmessage,charset$errors."انتظر سوف يتم تحويلك للملف مرة أخري".""; $traidnt-display"message.tpl"; else $ip = getenv'REMOTEADDR'; $reportquery = $db-query" INSERT INTO report reportkey ,reportwhy ,reportip VALUES '$fileid', '$trtext', '$ip';";...

PHP http_build_query()函数中断处理地址信息泄露漏洞

CVE ID: CVE-2010-2100 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP的httpbuildquery函数中存在信息泄露漏洞： PHPFUNCTIONhttpbuildquery zval formdata; char prefix = NULL, argsep=NULL; int argseplen = 0, prefixlen = 0; smartstr formstr = 0; if zendparseparametersZENDNUMARGS TSRMLSCC, "z|ss", &formdata, &prefix,...