73 matches found
EUVD-2010-4126
Malicious code in bioql PyPI...
K12253: PHP vulnerability CVE-2010-2225
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
Design/Logic Flaw
WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a...
CVE-2012-6707
WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a...
CVE-2014-8677
The installation process for SOPlanning 1.32 and earlier allows remote authenticated users with a prepared database, and access to an existing database with a crafted name, or permissions to create arbitrary databases, or if PHP before 5.2 is being used, the configuration database is down, and...
Code injection
The installation process for SOPlanning 1.32 and earlier allows remote authenticated users with a prepared database, and access to an existing database with a crafted name, or permissions to create arbitrary databases, or if PHP before 5.2 is being used, the configuration database is down, and...
CVE-2007-1399
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or...
Aardvark Topsites PHP 5.2 Cross Site Scripting / Local File Inclusion
Aardvark Topsites PHP 5.2 Multi Vulnerability Author: indoushka Vendor: www.p30vel.ir http://www.aardvarktopsitesphp.com/ http://www.avatic.com/ Dork: My Topsites List - Powered by Aardvark Topsites PHP 5.2.1 ...
PHP openssl_x509_parse() - Memory Corruption Vulnerability
No description provided by source. SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP openssl_x509_parse() Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esser[at]sektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP...
PhotoStore Arbitrary Shell upload Vulnerability
Exploit for php platform in category web applications Exploit Title:PhotoStore Arbitrary Shell upload Google Dork: "site:photocity.co.za" Exploit Author: Index Php Tested on: Windows, PHP 5.2 exploit "@$uploadfile", 'folder'='/'; curlsetopt$ch, CURLOPTRETURNTRANSFER, 1; $postResult = curlexec$ch;...
PHP - openssl_x509_parse() Memory Corruption
PHP - openssl_x509_parse() Memory Corruption SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP openssl_x509_parse() Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esser[at]sektioneins.de Application: PHP 4.0.6 - PHP 4.4...
PHP openssl_x509_parse() Memory Corruption
SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP openssl_x509_parse() Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esser[at]sektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP 5.0.x PHP 5.1.x PHP 5.2.x PHP 5.3....
Joomla Component com_maianmedia Remote Code Execution
Exploit for php platform in category web applications Exploit Title: Joomla Component commaianmedia Remote Code Execution Google Dork: inurl:index.php?option=commaianmedia Exploit Author: Index Php Tested on: Windows, PHP 5.2 exploit http://target.com/ ? @settimelimit0; $site = explode"\r\n",...
WordPress plugins wp-seo-spy-google Remote Code Execution
Exploit for php platform in category web applications Exploit Title: WordPress plugins wp-seo-spy-google Remote Code Execution Google Dork: inurl:/wp-content/plugins/wp-seo-spy-google/ Exploit Author: Index Php Tested on: Windows, PHP 5.2 exploit http://target.com/ ? @settimelimit0; $site =...
MetInfo 5.0 Beta Admin Remote Password Change
Exploit for php platform in category web applications Exploit Title: MetInfo 5.0 Beta Admin Remote Password Change Google Dork:"Powered by MetInfo 5.0 Beta" Exploit Author: Index Php Vendor Homepage:www.metinfo.cn Version: 5.0 Beta Tested on: Windows, PHP 5.2 exploit username password 0day.today...
FlashChat 6.0.2 6.0.8 - Arbitrary File Upload
FlashChat 6.0.2 6.0.8 - Arbitrary File Upload Exploit Title: FlashChat File Upload Vulnerability Google Dork: intitle:FlashChat v6.0.8 Date: 02.10.2013 Exploit Author: x-hayben21 Vendor Homepage: www.punish3r.com Software Link: http://www.tufat.com/script2.htm Version: v6.0.8, v6.0.2, v6.0.4,...
FlashChat 6.0.2 < 6.0.8 - Arbitrary File Upload
Exploit Title: FlashChat File Upload Vulnerability Google Dork: intitle:FlashChat v6.0.8 Date: 02.10.2013 Exploit Author: x-hayben21 Vendor Homepage: www.punish3r.com Software Link: http://www.tufat.com/script2.htm Version: v6.0.8, v6.0.2, v6.0.4, v6.0.5, v6.0.6, v6.0.7, Tested on: Windows, PHP 5...
FlashChat - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: FlashChat File Upload Vulnerability Google Dork: intitle:FlashChat v6.0.8 Date: 02.10.2013 Exploit Author: x-hayben21 Vendor Homepage: www.punish3r.com Software Link: http://www.tufat.com/script2.htm Version: v6.0.8, v6.0.2,...