718 matches found
CRLF Injection
Overview Affected versions of this package are vulnerable to CRLF Injection via the settingsToParameters process. An attacker can execute arbitrary code and alter configuration by injecting newline characters into PHP INI values that are forwarded to child processes. This is only exploitable if t...
PHPUnit has Argument injection via newline in PHP INI values that are forwarded to child processes
Impact PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string delimiter, ; as the start of a comment, and most importantly a newli...
GHSA-QRR6-MG7R-M243 PHPUnit has Argument injection via newline in PHP INI values that are forwarded to child processes
Impact PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string delimiter, ; as the start of a comment, and most importantly a newli...
CVE-2026-32624
CVE-2026-32624 affects xrdp (open source RDP server) up to version 0.10.5. A heap-based buffer overflow can occur in logon processing when domain_user_separator is configured in xrdp.ini, allowing an unauthenticated remote attacker to send a crafted, excessively long username and domain name to o...
Argument injection via newline in PHP INI values forwarded to child processes
Impact PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string delimiter, ; as the start of a comment, and most importantly a newli...
Argument injection via newline in PHP INI values forwarded to child processes
Impact PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string delimiter, ; as the start of a comment, and most importantly a newli...
GHSA-G6V3-WV4J-X9HG October Rain has Environment Variable Exfiltration via INI Parser Interpolation
A server-side information disclosure vulnerability was identified in the INI settings parser. PHP's parseinistring function supports $ syntax for environment variable interpolation. Attackers with Editor access could inject $APPKEY, $DBPASSWORD, or similar patterns into CMS page settings fields,...
EUVD-2026-22704
October Rain has Environment Variable Exfiltration via INI Parser Interpolation...
October Rain has Environment Variable Exfiltration via INI Parser Interpolation
A server-side information disclosure vulnerability was identified in the INI settings parser. PHP's parseinistring function supports $ syntax for environment variable interpolation. Attackers with Editor access could inject $APPKEY, $DBPASSWORD, or similar patterns into CMS page settings fields,...
CVE-2026-25125
October is a Content Management System CMS and web platform. Versions prior to 3.7.14 and 4.1.10 contain a server-side information disclosure vulnerability in the INI settings parser. Because PHP's parseinistring function supports $ syntax for environment variable interpolation, attackers with...
CVE-2026-25125 October CMS: Environment Variable Exfiltration via INI Parser Interpolation
October is a Content Management System CMS and web platform. Versions prior to 3.7.14 and 4.1.10 contain a server-side information disclosure vulnerability in the INI settings parser. Because PHP's parseinistring function supports $ syntax for environment variable interpolation, attackers with...
CVE-2026-25125
October is a Content Management System CMS and web platform. Versions prior to 3.7.14 and 4.1.10 contain a server-side information disclosure vulnerability in the INI settings parser. Because PHP's parseinistring function supports $ syntax for environment variable interpolation, attackers with...
CVE-2026-25125
CVE-2026-25125 affects October CMS versions prior to 3.7.14 and 4.1.10. The issue is a server-side information disclosure in the INI settings parser: if cms.safe_mode is enabled, an Editor user can inject patterns like ${APP_KEY} or ${DB_PASSWORD} via parse_ini_string() through page settings, cau...
PT-2026-32911
A server-side information disclosure vulnerability was identified in the INI settings parser. PHP's parse ini string function supports $ syntax for environment variable interpolation. Attackers with Editor access could inject $APP KEY, $DB PASSWORD, or similar patterns into CMS page settings...
SUSE CVE-2026-33028
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui application is vulnerable to a Race Condition. Due to the complete absence of synchronization mechanisms Mutex and non-atomic file writes, concurrent requests lead to the severe corruption of the prima...
CVE-2026-33028
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui application is vulnerable to a Race Condition. Due to the complete absence of synchronization mechanisms Mutex and non-atomic file writes, concurrent requests lead to the severe corruption of the prima...
Race Condition
Overview Affected versions of this package are vulnerable to Race Condition through the settings update pipeline in api/settings/settings.go and settings/settings.go. An attacker can corrupt app.ini and disrupt service availability by sending concurrent settings-update requests. Concurrent calls ...
CVE-2026-32140
Dataease is an open source data visualization analysis tool. Prior to 2.10.20, By controlling the IniFile parameter, an attacker can force the JDBC driver to load an attacker-controlled configuration file. This configuration file can inject dangerous JDBC properties, leading to remote code...
CVE-2026-32140
Dataease is an open source data visualization analysis tool. Prior to 2.10.20, By controlling the IniFile parameter, an attacker can force the JDBC driver to load an attacker-controlled configuration file. This configuration file can inject dangerous JDBC properties, leading to remote code...
EUVD-2026-11651
Dataease is an open source data visualization analysis tool. Prior to 2.10.20, By controlling the IniFile parameter, an attacker can force the JDBC driver to load an attacker-controlled configuration file. This configuration file can inject dangerous JDBC properties, leading to remote code...