27 matches found
EUVD-2016-10651
Malware in sbrugna...
SUSE CVE-2009-1271
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function...
PHP Library Remote Code Execution
JAHx221 - RCE in copy/pasted PHP compat libraries, json_decode function. Several PHP compatibility libraries contain a potential remote code execution flaw in their json_decode function based on having copy pasted existi...
Denial Of Service (DoS)
PHP is vulnerable to denial of service. A flaw was found in PHP's json_decode function. A remote attacker could use this flaw to create a specially-crafted string which could cause the PHP interpreter to crash while being decoded in a PHP script...
phpMyAdmin 4.4.15.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Information Disclosure
Binary data 9856.prm...
CVE-2016-9854
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
Path traversal
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
CVE-2016-9854
Summary (CVE-2016-9854) : A path disclosure issue in phpMyAdmin arises when triggering certain scripts; an error message can reveal the full path to the phpMyAdmin installation, and during export time these paths are written into the export file. Affected versions are all 4.6.x before 4.6.5 and 4...
Internet Bug Bounty: Integer Overflow/Heap Overflow in json_encode()/json_decode()
https://bugs.php.net/bug.php?id=72275...
OpenCart json_decode function remote code execution vulnerability
No description provided by source...
OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution
OpenCart json_decode function Remote PHP Code Execution Author: Naser Farhadi Twitter: @naserfarhadi Date: 9 April 2016 Version: 2.1.0.2 to 2.2.0.0 Latest version Vendor Homepage: http://www.opencart.com/ Vulnerability: /upload/system/helper/json.php $match = '/".??!\\"/'; $string =...
OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution
OpenCart 2.1.0.2 < 2.2.0.0 - json_decode Function Remote Code Execution OpenCart json_decode function Remote PHP Code Execution Author: Naser Farhadi Twitter: @naserfarhadi Date: 9 April 2016 Version: 2.1.0.2 to 2.2.0.0 Latest version Vendor Homepage: http://www.opencart.com/ Vulnerability:...
Design/Logic Flaw
The jsondecode function in plugins/contextreactionblock.inc in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal, when using a version of PHP that does not support the json_decode function, allows remote attackers to execute arbitrary PHP code via unspecified vectors...
CVE-2013-4446
CVE-2013-4446 affects Drupal Context module (drupal6-context 6.x-2.x before 6.x-3.2; 7.x-3.x before 7.x-3.0). The vulnerability arises when PHP lacks a json_decode function or json library, allowing remote attackers to execute arbitrary PHP code via Ajax-related vectors (possibly involving eval)....
Fedora 10 : maniadrive-1.2-13.fc10 / php-5.2.9-2.fc10 (2009-3768)
Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. CVE-2008-5557 A directory...
Fedora 9 : maniadrive-1.2-13.fc9 / php-5.2.9-2.fc9 (2009-3848)
Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. CVE-2008-5557 A directory...
Ubuntu USN-761-1 (php5)
The remote host is missing an update to php5 announced via advisory USN-761-1. OpenVAS Vulnerability Test $Id: ubuntu7611.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-761-1 php5 Authors: Thomas Reinke...