CVE-2023-45064

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Daisuke TakahashiExtend Wings OPcache Dashboard plugin = 0.3.1 versions...

Security update for php8

This update for php8 fixes the following issues: Security fixes: CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode bsc1255710. CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element cou...

Updated php packages fix security vulnerabilities

Opcache: - Reset global pointers to prevent use-after-free in zendjitstatus. PDO: - Fixed PDO quoting result null deref. Standard: - Fixed Null byte termination in dnsgetrecord - Heap buffer overflow in arraymerge - Information Leak of Memory in getimagesize...

MGASA-2025-0330 Updated php packages fix security vulnerabilities

Opcache: - Reset global pointers to prevent use-after-free in zendjitstatus. PDO: - Fixed PDO quoting result null deref. Standard: - Fixed Null byte termination in dnsgetrecord - Heap buffer overflow in arraymerge - Information Leak of Memory in getimagesize...

EUVD-2015-8848

Malware in sbrugna...

EUVD-2023-49385

Malicious code in bioql PyPI...

Fedora 42 : php (2025-2c344545bf)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-2c344545bf advisory. PHP version 8.4.10 03 Jul 2025 BcMath: Fixed bug GH-18641 Accessing a BcMath\Number property by ref crashes. nielsdos Core: Fixed bugs GH-17711 and...

Fedora 39 : php (2024-7c800c4df7)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-7c800c4df7 advisory. PHP version 8.2.24 26 Sep 2024 CGI: Fixed bug GHSA-p99j-rfp4-xqvq Bypass of CVE-2024-4577, Parameter Injection Vulnerability. CVE-2024-8926 nielsdos...

Fedora 39 : php (2024-52c23ef1ec)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-52c23ef1ec advisory. PHP version 8.2.20 06 Jun 2024 CGI: Fixed buffer limit on Windows, replacing read call usage by read. David Carlier Fixed bug GHSA-3qgc-jrrr-25jv...

Fedora 40 : php (2024-49aba7b305)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-49aba7b305 advisory. PHP version 8.3.8 06 Jun 2024 CGI: Fixed buffer limit on Windows, replacing read call usage by read. David Carlier Fixed bug GHSA-3qgc-jrrr-25jv...

OPcache Dashboard <= 0.3.1 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-45064

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Daisuke TakahashiExtend Wings OPcache Dashboard plugin = 0.3.1 versions...

CVE-2023-45064

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Daisuke TakahashiExtend Wings OPcache Dashboard plugin = 0.3.1 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Daisuke TakahashiExtend Wings OPcache Dashboard plugin = 0.3.1 versions...

CVE-2023-45064 WordPress OPcache Dashboard Plugin <= 0.3.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Daisuke TakahashiExtend Wings OPcache Dashboard plugin = 0.3.1 versions...

CVE-2023-45064

CVE-2023-45064: Unauthenticated reflected XSS in the OPcache Dashboard plugin for WordPress, affected versions

PT-2023-29383 · Daisuke Takahashi · Opcache Dashboard Plugin

Name of the Vulnerable Software and Affected Versions: Daisuke TakahashiExtend Wings OPcache Dashboard plugin versions = 0.3.1 Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentiall...

WordPress Plugin OPcache Dashboard Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress OPcache Dashboard Plugin <= 0.3.1 is vulnerable to Cross Site Scripting (XSS)

Software OPcache Dashboard Type Plugin Vulnerable versions = 0.3.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45064 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 88a7f0a12d7e Credits LEE SE HYOUNG...

SUSE CVE-2015-1351

Use-after-free vulnerability in the zendsharedmemdup function in zendsharedalloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...