
34 matches found

Tenable Nessus
added 2019/01/09 12:0 a.m. | 17 views

PHP 7.0.x < 7.0.13 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.13. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the parse_url function due to returning the incorrect host. An unauthenticated, remote attacker can exploit this to hav...

CVSS 7.5 | AI score 9.8 | EPSS 0.42401
Exploits 1 | References 4
Hacker One
added 2018/01/17 5:30 p.m. | 39 views

Internet Bug Bounty: Inappropriate URL parsing may cause security risk!

Description ----- The behaviors in parse_url and httpwrap/cURL are different Original bug report ----- - https://bugs.php.net/bug.php?id=74192 Note ----- - CVE-2017-7189 assigned Thanks : Impact SSRF...

CVSS 5 | AI score 7.5 | EPSS 0.02492
Exploits 0
RedhatCVE
added 2017/07/17 1:48 p.m. | 43 views

CVE-2016-10397

In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:[email protected]/ and evil.example.com:[email protected]/ inputs to the parse_url...

CVSS 7.5 | AI score 3.7 | EPSS 0.01908
Exploits 0 | References 1
Cvelist
added 2017/07/10 2:0 p.m. | 38 views

CVE-2016-10397

In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:[email protected]/ and evil.example.com:[email protected]/ inputs to the parse_url...

AI score 8.3 | EPSS 0.01908
Exploits 0 | References 7
UbuntuCve
added 2017/07/10 12:0 a.m. | 37 views

CVE-2016-10397

In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:[email protected]/ and evil.example.com:[email protected]/ inputs to the parse_url...

CVSS 7.5 | AI score 6.9 | EPSS 0.01908
Exploits 0 | References 6
OSV
added 2017/04/06 5:59 p.m. | 2 views

CVE-2017-7569

In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037...

CVSS 8.6 | AI score 5.8 | EPSS 0.01238
Exploits 0 | References 1
Prion
added 2017/04/06 5:59 p.m. | 19 views

Server side request forgery (ssrf)

In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037...

CVSS 5 | AI score 8.7 | EPSS 0.11945
Exploits 6 | References 1 | Affected Software 1
NVD
added 2017/04/06 5:59 p.m. | 26 views

CVE-2017-7569

In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037...

CVSS 8.6 | AI score 8.7 | EPSS 0.01238
Exploits 0 | References 1
CVE
added 2017/04/06 5:0 p.m. | 78 views

CVE-2017-7569

CVE-2017-7569 affects vBulletin prior to 5.3.0. An SSRF bypass allows remote attackers to bypass the CVE-2016-6483 patch by abusing PHP parse_url behavior, enabling SSRF conditions. The vulnerability context is that the patch for CVE-2016-6483 did not fully mitigate SSRF opportunities, and exploi...

CVSS 8.6 | AI score 8.6 | EPSS 0.01238
Exploits 0 | References 1 | Affected Software 1
Tenable Nessus
added 2017/01/02 12:0 a.m. | 15 views

PHP < 7.1.0 Multiple Vulnerabilities

Binary data 9843.prm...

CVSS 9.8 | AI score 9 | EPSS 0.41674
Exploits 1 | References 4
Tenable Nessus
added 2016/11/18 12:0 a.m. | 305 views

PHP 5.6.x < 5.6.28 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.28. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the parse_url function due to returning the incorrect host. An unauthenticated, remote attacker can exploit this to hav...

CVSS 7.5 | AI score 8.9 | EPSS 0.42401
Exploits 1 | References 4
seebug.org
added 2011/02/28 12:0 a.m. | 20 views

bo-blog arbitrary variable overwrite vulnerability

// go.php $qurl=$SERVER"REQUESTURI"; @list$relativePath, $rawURL=@explode'/go.php/', $qurl; $rewritedURL=$rawURL; // comes from $SERVER"REQUESTURI", which can be submitted arbitrarily: ... $RewriteRules="/component/^/+/?/"; // this regex is not restrictive enough and can be bypassed very easily: ... $RedirectTo="page.php?pagealias=\1"; $i=0; foreach $RewriteRules as $rule if...

AI score 7.1
Exploits 0
Packet Storm
added 2008/01/07 12:0 a.m. | 29 views

horde-disclose.txt

---- Horde Web-Mail Remote File Disclosure ... ITDefence.ru Antichat.ru Horde Web-Mail Remote File Disclosure Eugene Minaev [email protected] 2007 ...

AI score 7.4
Exploits 0
Packet Storm
added 2007/10/22 12:0 a.m. | 21 views

vanilla-sql.txt

= 4.1, magic_quotes_gpc=Off Tested on versions 1.1.3, 1.1.2, 1.0.1 echo "------------------------------------------------------------\n"; echo "Vanilla - use specific prefix default LUM\n"; echo "-id= - use specific user id default 1\n"; echo "-c= - benchmark's loop count default 300000\n"; echo "-...

AI score 7.4
Exploits 0