5 matches found
Exploit for OS Command Injection in Std42 Elfinder
CVE-2019-9194 — elFinder Command Injection PoC Command in...
php: Out-of-bounds memory read via gdImageRotateInterpolated
A buffer over-read flaw was found in the GD library used by the PHP gd extension. A specially crafted image file could cause a PHP application using the imagerotate function to disclose portions of the server memory or crash the PHP application...
SQL Injection Vulnerability in F_ID Parameter of Vkflash Image Rotation Management System
Vkflash Picture Rotation Management System is a Flash picture rotation management system based on RuoChi's Bcastr processing and secondary development. The F_ID parameter of the Vkflash image rotation management system has an SQL injection vulnerability, allowing attackers to exploit the vulnerability to...
Out-of-bounds
The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to t...
UBUNTU-CVE-2016-1903
The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to t...