14 matches found
PrinterLogic Build 1.0.757 XSS / SQL Injection / Authentication Bypass
PrinterLogic SaaS, multiple vulnerabilities. PrinterLogic's Enterprise Print Management software allows IT professionals to simplify printer driver management and empower end users. -- https://www.printerlogic.com/ Background...
The vulnerability of the `mysqli_real_escape_string` function in the PHP programming language allows an attacker to cause a service failure or potentially have other adverse effects.
The vulnerability of the `mysqli_real_escape_string` function in the PHP programming language is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker to cause service interruptions or potentially have other adverse effects...
Denial Of Service (DoS)
PHP is vulnerable to an integer overflow. It cannot handle a long string passed to mysqli_api.c:mysqli_real_escape_string, resulting in a buffer overflow and an application crash...
PHP 7.0.0 <= 7.1.15 DoS Vulnerability (Aug 2018) - Windows
PHP is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
PHP 7.0.0 <= 7.1.15 DoS Vulnerability (Aug 2018) - Linux
PHP is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
CVE-2017-9120
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an integer overflow in mysqli_real_escape_string...
CVE-2017-9120
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an integer overflow in mysqli_real_escape_string...
Integer overflow
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an integer overflow in mysqli_real_escape_string...
CVE-2017-9120
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an integer overflow in mysqli_real_escape_string...
CVE-2017-9120
Removed by vendor...
CVE-2017-9120
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an integer overflow in mysqli_real_escape_string. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...
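cmseasy stored XSS vulnerability (code analysis)
Brief description: cmseasy stored XSS. The downloaded version is CmsEasy5.5UTF-820130910. Details: bbs/add-archive.php checklogin; // verify that the user is logged in ......omitted........ ifisset$POST'submit' ifstrtolowertrim$POST'verify' != strtolower$SESSION'verify' // check the CAPTCHA actionpublic::turnPage'index.php','验证码输入错误!'; $archive = dbbbsarchive::getInstance;...
PHP mysqli_real_escape_string() function information disclosure vulnerability
PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded in HTML. The mysqli_real_escape_string function used by PHP takes its argument from a user-supplied string; if the value passed is an array rather than a string, a warning is generated, and the warning message contains the full path of the currently running script. PHP <= 5.3 Temporary workaround: ?PHP ifisset$GET'user' if isarray$user = $GET'user' $casted = string$user; // next steps ... else $query = sprintf"SELECT FROM users WHERE user='%s'",...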
[MajorSecurity Advisory #59] PHP <=5.3 - mysqli_real_escape_string() full path disclosure
MajorSecurity Advisory #59: PHP <=5.3 - mysqli_real_escape_string() full path disclosure. Details: Product: PHP <=5.3 Security-Risk: low Remote-Exploit: yes Vendor-URL: http://www.php.net/ Vendor-Status: informed Advisory-Status: published Credits: Discovered by: David Vieira-Kurz...