151 matches found
EUVD-2018-11038
Malware in sbrugna...
EUVD-2017-1437
Malware in sbrugna...
EUVD-2010-4126
Malicious code in bioql PyPI...
RHSA-2012:0092 Red Hat Security Advisory: php53 security update
Bulletin has no description...
K12253: PHP vulnerability CVE-2010-2225
Security Advisory Description. Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
SUSE: Security Advisory (SUSE-SU-2015:0370-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2014:0938-1)
The remote host is missing an update for the...
CVE-2019-1010257
An Information Disclosure / Data Modification issue exists in article2pdf_getfile.php in the article2pdf WordPress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to the web server can ...
Remote Code Execution (RCE)
PHP is vulnerable to remote code execution (RCE) attacks. A format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary cod...
CVE-2018-19340
Guriddo Form PHP 5.3 has XSS via the demos/jqform/defaultnodb/default.php OrderID, ShipName, ShipAddress, ShipCity, ShipPostalCode, ShipCountry, Freight, or details parameter...
CVE-2018-19340
CVE-2018-19340 affects Guriddo Form PHP 5.3. It describes a cross-site scripting (XSS) vulnerability exposed through the demos/jqform/defaultnodb/default.php page, specifically via the OrderID, ShipName, ShipAddress, ShipCity, ShipPostalCode, ShipCountry, Freight, or details parameters. The vulne...
Joomla! < 3.8.9 Local File Inclusion with PHP 5.3
According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.8.9. It is, therefore, affected by a file inclusion vulnerability. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's...
Code injection
An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "class_exists" function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local File Inclusion...
CVE-2018-12712
An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "class_exists" function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local File Inclusion...
Code injection
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer as the same session ID is served. This situation can occur when a user takes an action that forces another user to be logged out of Mahara, such a...
CVE-2017-1000152
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer as the same session ID is served. This situation can occur when a user takes an action that forces another user to be logged out of Mahara, such a...
CVE-2017-1000152
CVE-2017-1000152 affects Mahara 15.04 prior to 15.04.7 and 15.10 prior to 15.10.3 when running PHP 5.3. The issue allows one user to be logged in as another on a separate computer because the same session ID is served. Root cause: duplicate/session response handling leads to cross-user session ex...
[SECURITY] Fedora 23 Update: php-ZendFramework2-2.4.10-1.fc23
Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code and utilizes most of the new features of PHP 5.3, namely namespaces, late static binding, lambda functions and closures. Zend Framework 2 evolv...
[SECURITY] Fedora 22 Update: php-ZendFramework2-2.4.10-1.fc22
Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code and utilizes most of the new features of PHP 5.3, namely namespaces, late static binding, lambda functions and closures. Zend Framework 2 evolv...
[SECURITY] Fedora 21 Update: php-ZendFramework2-2.4.8-1.fc21
Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code and utilizes most of the new features of PHP 5.3, namely namespaces, late static binding, lambda functions and closures. Zend Framework 2 evolv...