CVE-2021-20076

CVE-2021-20076 affects Tenable.sc and Tenable.sc Core versions 5.13.0–5.17.0. The vulnerability allows an authenticated, unprivileged user to achieve Remote Code Execution on the Tenable.sc server through PHP unserialization. The available connected documentation consistently describes the issue ...

Tenable SecurityCenter 5.13.0 - 5.17.0 Remote Code Execution (TNS-2021-03)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is in the 5.13.0 through 5.17.0 version range. Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated,...

Ucopia Express License Issues Vulnerability

Ucopia Express is a device used to manage Wifi used by the French company Ucopia. A security vulnerability exists in Ucopia Express 6.0.5 that allows the use of chroothole client PHP calls to execute arbitrary code with root privileges...

The vulnerability of the PHP programming language interpreter, related to the assignment of the null pointer, allows attackers to trigger a service failure.

The vulnerability of the PHP programming language interpreter is related to the use of a zero pointer. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

PHP interpreter suffers from an out-of-bounds read vulnerability (CNVD-2020-69476)

PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHPGroup and the open source community. An out-of-bounds read vulnerability exists in the PHP interpreter, which can be exploited by an attacker to...

PHP interpreter suffers from an out-of-bounds read vulnerability (CNVD-2020-69474)

PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHPGroup and the open source community. An out-of-bounds read vulnerability exists in the PHP interpreter, which can be exploited by an attacker to...

PHP interpreter has an out-of-bounds read vulnerability

PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHPGroup and the open source community. An out-of-bounds read vulnerability exists in the PHP interpreter, which can be exploited by an attacker to...

Command execution vulnerability exists in MyuCMS (CNVD-2020-67557)

MyuCMS front-end is built with UIkit framework, back-end is built with layui back-end framework and back-end is developed with PHP+MYSQL. MyuCMS has a command execution vulnerability that can be exploited by attackers to gain server control privileges...

SQL Injection Vulnerability in PHP Version of Nettie CMS

OTCMS Nettie CMS is an article-based web content management system CMS. A SQL injection vulnerability exists in the PHP version of OTCMS, which can be exploited by attackers to obtain sensitive information from the database...

Exploit for Out-of-bounds Write in Php

This is an exploit module for a bug in php-fpm CVE-2019-11043. The bug is possible to trigger from the outside in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit targets the "PHPVALUE" directive in the php.ini file, which...

Command execution vulnerability in SongCMS PHP version (CNVD-2020-38508)

SongCMS PHP Edition is an open source CMS based on PHP+MySQL. SongCMS PHP Edition suffers from a command execution vulnerability that can be exploited by attackers to execute malicious code...

MayiCMS has a flawed logic vulnerability

MayiCMS is a php mysql based website builder. MayiCMS suffers from a logic flaw vulnerability that can be exploited by attackers to perform unauthorized operations...

The vulnerability of the PHP interpreter, related to key management errors, allows attackers to gain unauthorized access to protected information.

The vulnerability of the PHP interpreter is related to key management errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the exif_iif_add_value function in the PHP programming language, related to reading data beyond the allowed limits, allows a perpetrator to gain unauthorized access to information or cause service failures.

The vulnerability of the exifiifaddvalue function in the PHP programming language is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to information or cause service failures...

Artica Pandora FMS Code Issue Vulnerability

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A code issue vulnerability exists in File Manager in Artica Pandora FMS 7.42 and prior versions. An attacker can exploit t...

SQL Injection Vulnerability in Wecenter of Shenzhen Weike Interactive Co.

WeCenter is a completely open source social networking program similar to Zhihu based on Q&A, based on PHP+MYSQL application architecture. WeCenter has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...

PHP Memory Location Double Release Vulnerability

PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHPGroup and the open source community. The language is mainly used for Web development, supports a variety of databases and operating systems. A...

PHP EXIF extension buffer overflow vulnerability (CNVD-2020-22810)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems.EXIF extension is one of the...

PHP Buffer Overflow Vulnerability

PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A...

DEBIAN-CVE-2019-11325

An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary PHP code. This is related to symfony/var-exporter...