27 matches found
Schneider Electric Pelco Sarix/Spectra Cameras CSRF Enable SSH Root Access
Summary Pelco offers the broadest selection of IP cameras designed for security surveillance in a wide variety of commercial and industrial settings. From our industry-leading fixed and high-speed IP cameras to panoramic, thermal imaging, explosionproof and more, we offer a camera for any...
PHP PHAR 'phar_tar_process_metadata()' function heap memory corruption vulnerability
PHP is a widely used general-purpose scripting language that is particularly well suited for web development and can be embedded in HTML. A heap metadata corruption vulnerability exists in PHP version 5.3.0 when parsing tar files in phartarprocessmetadata, which can be exploited by an attacker to...
PHP 5.3.0 - pdflib Arbitrary File Write
No description provided by source. Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- ?php // Author : Sina Yazdanmehr R3d.W0rm ; Our Site : http://IrCrash.com if!extensionloaded'pdf' die'pdf extension requir...
PHP 5.2.11/5.3.0 - Multiple Vulnerabilities
No description provided by source. ?php / PHP 5.2.11/5.3.0 symlink openbasedir bypass by Maksymilian Arciemowicz http://securityreason.com/ cxib a.T securityreason d0t com CHUJWAMWMUZG / $fakedir=cx; $fakedep=16; $num=0; // offset of symlink.$num if!empty$GET'file' $file=$GET'file'; else...
PHP 5.3.x DoS
No description provided by source. //DOS Php 5.3.x // //Title: Dos Php 5.3.0 //Vendor: http://php.net //Tested On Php 5.3.0 On Windows xp Sp3 And Redhat // //AUTHOR: ITSecTeam //Email: [email protected] //Website: http://www.itsecteam.com //Forum : http://forum.ITSecTeam.com //Original Advisory:...
PHP openssl_x509_parse() - Memory Corruption Vulnerability
No description provided by source. SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP...
PHP 5.3 'mail.log' Configuration Option 'open_basedir' Restriction Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36007/info PHP is prone to an 'openbasedir' restriction-bypass vulnerability because of a design error. Successful exploits could allow an attacker to write files in unauthorized locations. This vulnerability would be an...
PHP - openssl_x509_parse() Memory Corruption
PHP - opensslx509parse Memory Corruption SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4...
PHP openssl_x509_parse() Memory Corruption
SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP 5.0.x PHP 5.1.x PHP 5.2.x PHP 5.3....
SOL13231 - PHP vulnerability CVE-2009-2626
In PHP 5.3.0 and PHP 5.2.10 and earlier, the zendrestoreinientrycb function in zendini.c allows context-specific attackers to obtain sensitive information memory contents and causes PHP to fail by using the iniset function to declare a variable, and then using the inirestore function to restore t...
Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability
Exploit for php platform in category web applications ================================================================ Zen Cart v1.3.9f typefilter Local File Inclusion Vulnerability ================================================================ Vendor: Zen Ventures, LLC Product web page:...
Zen Cart 1.3.9f Local File Inclusion
Zen Cart v1.3.9f typefilter Local File Inclusion Vulnerability Vendor: Zen Ventures, LLC Product web page: http://www.zen-cart.com Version affected: 1.3.9f Summary: Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components. Support is provided for...
PHP 5.2.x < 5.2.14, 5.3.x < 5.3.3 Multiple RCE Vulnerabilities
PHP is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php";...
PHP 5.3.0 getopt() Denial Of Service
Hotmail : une messagerie fiable avec la protection anti-spam performante de Microsoft Inscrivez-vous...
PHP 5.3.0 getopt() Denial of Service
No description provided by source. ?php PHP 5.3.0 getopt Denial of service Tested on WIN XP FR SP3, WIN VISTA FR SP2, Apache, PHP 5.3.0 Denial of service Author: Napst3r Greets To: My Laptop & all My Friends $buffer = strrepeat'A:', 9999; $options = getopt$buffer; ?...
PHP 5.3.0 getopt() Denial of Service
Exploit for multiple platform in category dos / poc ==================================== PHP 5.3.0 getopt Denial of Service ==================================== 0day.today 2018-01-10...
PHP 5.3.0 - 'getopt()' Denial of Service
...
CVE-2009-4418
The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service resource consumption via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many a:1: sequences...
CVE-2009-2626
The zendrestoreinientrycb function in zendini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information memory contents and cause a PHP crash by using the iniset function to declare a variable, then using the inirestore function to restore the...
CVE-2009-2626
The CVE-2009-2626 issue affects PHP 5.3.0, 5.2.10 and earlier, where zend_restore_ini_entry_cb in zend_ini.c allows a context-specific attacker to cause memory disclosure and PHP crashes by abusing ini_set and ini_restore. Connected advisories confirm this as a vulnerability in PHP’s ini_restore(...