14 matches found
MiracleLinux 7 : rh-php56-php-5.6.5-9.el7 (AXSA:2016-623:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-623:03 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in...
EUVD-2001-0108
Malware in sbrugna...
Critical: php:7.2 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: underflow in envpathinfo in fpmmain.c CVE-2019-11043 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...
[SECURITY] Fedora 27 Update: php-7.1.13-1.fc27
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
php: pipelined request executed in deinitialized interpreter under httpd 2.4
A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code...
WANGKONGBAO CNS-1000 UTM IPS-FW - Directory Traversal (Metasploit)
Exploit Title: WANGKONGBAO CNS-1000 and 1100 Network Security Platform UTM Directory Traversal Date: 7/2/2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.wangkongbao.com/products.html Version: CNS-1000 and 1100 The issue is in the /src/acloglogin.php langid and lang parameters...
DEBIAN-CVE-2009-4355
Memory leak in the zlibstatefulfinish function in crypto/comp/czlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service memory consumption via vectors that trigger incorrect calls to the CRYPTOcleanupallexdata function, as demonstrate...
Session spoofing? Virtual host killer?- Vulnerability warning-the black bar safety net
by leather total Experiment a Session. The local environment PHP Version 5.2.3 & apache2. 2. 4 The remote server environment PHP Version 4.4.0 & Linux Apache/2.0.54 Unix IIS not tested Test domain: www.netpk.org & amp; www.i0day.cn First write the two PHP scripts Session.php ifsession.php session...
Important: Red Hat Security Advisory: php security update
Updated PHP packages that fix two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A hea...
phpDEV5 - System-Call Local Denial of Service
------------------------------------------------------------------------ PHPDev5 Target : PHPDev 5 URL : www.firepages.com.au - http://sourceforge.net/projects/phpdev5/ Type : PHP/Apache/MySQL Server.. .. PoC Sample : Save this code as .php or .php3 file.. //start //end milw0rm.com 2005-03-17...
easydynamic.txt
Producr:EasyDynamicPages v.2.0: Advanced Portal Management System Vendors:http://software.stoitsov.com Bug :include Risk:Cao Author:tsbeginnervnc Web : www.security.com.vn ------------------------------------- Introduction : system, personal or business site or what you need. The goal is to have ...
CVE-2001-0108
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested...
CVE-2001-0108
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested...
PHP Security Advisory - Apache Module bugs
Problems ========= 1 PHP supports a configuration mechanism that allows users to configure PHP directives on a per-directory basis. Under Apache, this is usually done using .htaccess files. Due to a bug in the Apache module version of PHP, remote 'malicious users' might be able to create a specia...