
144 matches found

wpexploit
added 2016/09/26 12:0 a.m., 18 views

W3 Total Cache <= 0.9.4.1 – Unauthenticated Security Token Bypass

The /pub/apc.php file is used to empty the OPCache/APC. The script seems protected by a nonce, aka security token: $nonce = W3_Request::get_string('nonce'); $uri = $_SERVER['REQUEST_URI']; if (wp_hash($uri) == $nonce) But the flaw lies in the == operator, which is not the one to use when you want to compare...

7.2 AI score
Exploits: 0, References: 1
WPVulnDB
added 2016/09/26 12:0 a.m., 12 views

W3 Total Cache <= 0.9.4.1 – Unauthenticated Security Token Bypass

The /pub/apc.php file is used to empty the OPCache/APC. The script seems protected by a nonce, aka security token: $nonce = W3_Request::get_string('nonce'); $uri = $_SERVER['REQUEST_URI']; if (wp_hash($uri) == $nonce) But the flaw lies in the == operator, which is not the one to use when you want to compare...

7 AI score
Exploits: 0, References: 1, Affected Software: 1
myhack58
added 2016/09/23 12:0 a.m., 14 views

Drupal 8 configuration file download vulnerability analysis-vulnerability warning-the black bar safety net

Author: p0wd3r know Chong Yu 404 Security lab Date: 2016-09-22 0x00 vulnerability overview 1. Vulnerability description Drupal (https://www.drupal.org) is a free, open-source content management system. Researchers recently found three security vulnerabilities in its 8.x 8.1.10 version,...

7.3 AI score
Exploits: 0
Tenable Nessus
added 2016/05/09 12:0 a.m., 66 views

Fedora 24 : php-5.6.21-1.fc24 (2016-f4e73663f4)

28 Apr 2016, PHP 5.6.21 Core: Fixed bug 69537 __debugInfo with empty string for key gives error. krakjoe Fixed bug 71841 EG(error_zval) is not handled well. Laruence BCmath: Fixed bug 72093 bcpowmod accepts negative scale and corrupts one definition. Stas Curl: Fixed bug 71831 CURLOPT_NOPROXY applied a...

9.8 CVSS, 7.9 AI score, 0.06482 EPSS
Exploits: 8, References: 13
Tenable Nessus
added 2016/05/03 12:0 a.m., 10 views

Fedora 23 : php-5.6.21-1.fc23 (2016-f1d98cf017)

28 Apr 2016, PHP 5.6.21 Core: Fixed bug 69537 __debugInfo with empty string for key gives error. krakjoe Fixed bug 71841 EG(error_zval) is not handled well. Laruence BCmath: Fixed bug 72093 bcpowmod accepts negative scale and corrupts one definition. Stas Curl: Fixed bug 71831 CURLOPT_NOPROXY applied a...

5.5 AI score
Exploits: 0, References: 1
myhack58
added 2016/04/29 12:0 a.m., 86 views

Using OPcache in PHP 7 to execute PHP code-bug warning-the black bar safety net

from: http://blog.gosecure.ca/2016/04/27/binary-webshell-through-opcache-in-php-7/ When PHP 7.0 was first released, many PHP developers paid close attention to its performance improvements. With the introduction of OPcache, PHP performance has been greatly improved, many...

7.1 AI score
Exploits: 0
Tenable Nessus
added 2016/04/08 12:0 a.m., 15 views

PHP 5.6.x < 5.6.19 / 7.0.x < 7.0.4 Multiple Vulnerabilities

Binary data 9172.prm...

7.3 AI score
Exploits: 0, References: 2
Tenable Nessus
added 2016/03/17 12:0 a.m., 43 views

PHP 7.0.x < 7.0.4 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.4. It is, therefore, affected by multiple vulnerabilities : - A type confusion error exists in file ext/soap/php_http.c in the make_http_soap_request function when handling cookie data. An...

9.8 CVSS, 8.8 AI score, 0.02434 EPSS
Exploits: 3, References: 5
Tenable Nessus
added 2016/03/17 12:0 a.m., 173 views

PHP 5.6.x < 5.6.19 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.19. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists in file ext/wddx/wddx.c in the php_wddx_pop_element function when handling XML data. An unauthenticated,...

9.8 CVSS, 8.4 AI score, 0.72278 EPSS
Exploits: 0, References: 3
Tenable Nessus
added 2016/03/14 12:0 a.m., 22 views

Fedora 22 : php-5.6.19-1.fc22 (2016-baa32758d0)

03 Mar 2016, PHP 5.6.19 CLI server: Fixed bug php71559 Built-in HTTP server, we can download file in web by bug. Johannes, Anatol CURL: - Fixed bug php71523 Copied handle with new option CURLOPT_HTTPHEADER crashes while curl_multi_exec. Laruence Date: Fixed bug php68078 Datetime comparisons ignore...

5.6 AI score
Exploits: 0, References: 1
Tenable Nessus
added 2016/03/07 12:0 a.m., 12 views

Fedora 23 : php-5.6.19-1.fc23 (2016-c0853ea24e)

03 Mar 2016, PHP 5.6.19 CLI server: Fixed bug php71559 Built-in HTTP server, we can download file in web by bug. Johannes, Anatol CURL: - Fixed bug php71523 Copied handle with new option CURLOPT_HTTPHEADER crashes while curl_multi_exec. Laruence Date: Fixed bug php68078 Datetime comparisons ignore...

5.6 AI score
Exploits: 0, References: 1
Tenable Nessus
added 2016/03/04 12:0 a.m., 17 views

Fedora 22 : php-5.6.18-1.fc22 (2016-1bc6ca8445)

04 Feb 2016, PHP 5.6.18 Core: Fixed bug php71039 exec functions ignore length but look for NULL termination. Anatol Fixed bug php71089 No check to duplicate zend_extension. Remi Fixed bug php71201 round segfault on 64-bit builds. Anatol Added support for new HTTP 451 code. Julien Fixed bug php7127...

5.6 AI score
Exploits: 0, References: 1
Tenable Nessus
added 2016/03/04 12:0 a.m., 13 views

Fedora 23 : php-5.6.18-1.fc23 (2016-46a34efa06)

04 Feb 2016, PHP 5.6.18 Core: Fixed bug php71039 exec functions ignore length but look for NULL termination. Anatol Fixed bug php71089 No check to duplicate zend_extension. Remi Fixed bug php71201 round segfault on 64-bit builds. Anatol Added support for new HTTP 451 code. Julien Fixed bug php7127...

5.6 AI score
Exploits: 0, References: 1
OpenWrt
added 2016/01/28 12:23 p.m., 718 views

php: Security update (7 CVEs)

The php package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 5.6.8-1 = 5.6.17-1 CHANGELOG Sun, 24 Jan 2016 21:47:52 +0100 18d121b Update to 5.6.17 Fixes CVE-2016-1903. Wed, 23 Dec 2015 16:00:14 -0500 766cfcc Update to 5.6.16 Wed, ...

7.5 CVSS, 0.08692 EPSS
Exploits: 5, References: 18
Tenable Nessus
added 2015/09/21 12:0 a.m., 68 views

Fedora 23 : php-5.6.13-1.fc23 (2015-14978)

03 Sep 2015, PHP 5.6.13 Core: Fixed bug 69900 Too long timeout on pipes. Anatol Fixed bug 69487 SAPI may truncate POST data. cmb Fixed bug 70198 Checking liveness does not work as expected. Shafreeck Sea, Anatol Belski Fixed bug 70172 Use After Free Vulnerability in unserialize. Stas Fixed bug...

9.8 CVSS, 8 AI score, 0.35455 EPSS
Exploits: 7, References: 18
Tenable Nessus
added 2015/09/15 12:0 a.m., 56 views

Fedora 22 : php-5.6.13-1.fc22 (2015-14977)

03 Sep 2015, PHP 5.6.13 Core: Fixed bug 69900 Too long timeout on pipes. Anatol Fixed bug 69487 SAPI may truncate POST data. cmb Fixed bug 70198 Checking liveness does not work as expected. Shafreeck Sea, Anatol Belski Fixed bug 70172 Use After Free Vulnerability in unserialize. Stas Fixed bug...

9.8 CVSS, 8 AI score, 0.35455 EPSS
Exploits: 7, References: 18
OSV
added 2015/08/06 1:14 p.m., 19 views

SUSE-SU-2015:1425-1 Security update for php5

PHP was updated to fix two security issues. The following vulnerabilities were fixed: CVE-2015-5589: PHP could be crashed when processing an invalid file with the 'phar' extension with a segfault in Phar::convertToData, leading to Denial of Service DOS bsc938721 CVE-2015-5590: PHP could be crashe...

10 CVSS, 8.4 AI score, 0.10384 EPSS
Exploits: 1, References: 7
RedHat Linux
added 2015/06/04 8:6 a.m., 68 views

Moderate: Red Hat Security Advisory: php55 security and bug fix update

Updated php55 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

10 CVSS, 7.2 AI score, 0.8832 EPSS
Exploits: 34, References: 18
RedHat Linux
added 2015/06/04 8:6 a.m., 2 views

php: use after free in opcache extension

A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of a portion of the server memory...

7.5 CVSS, 6.6 AI score, 0.1203 EPSS
Exploits: 1, References: 4
RedHat Linux
added 2015/06/04 8:2 a.m., 1 views

php: use after free in opcache extension

A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of a portion of the server memory...

7.5 CVSS, 6.6 AI score, 0.1203 EPSS
Exploits: 1, References: 4