Roundcube Webmail <= 0.5.4 DoS Vulnerability

Roundcube Webmail is prone to a denial of service DoS vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

php: zend_strndup() NULL pointer dereference may cause DoS

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

Artiphp CMS 5.5.0 database backup disclosure Exploit-vulnerability warning-the black bar safety net

? php / Artiphp CMS 5.5.0 Database Backup Disclosure Exploit Author: Artiphp www.2cto.com http://www.artiphp.com Affected version: 5.5.0 Neo r422 Summary: Artiphp is a content management system CMS open and free to create and manage your website. Description: Artiphp stores database backups using...

Artiphp CMS 5.5.0 Cross Site Scripting

Artiphp CMS v5.5.0 Multiple XSS POST Injection Vulnerabilities Vendor: Artiphp Product web page: http://www.artiphp.com Affected version: 5.5.0 Neo r422 Summary: Artiphp is a content management system CMS open and free to create and manage your website. Desc: Artiphp CMS suffers from multiple...

phpThumb() v1.7.11 (dir & title) Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications phpThumb v1.7.11 dir & title Cross-Site Scripting Vulnerability Vendor: SiliSoftware Product web page: http://www.silisoftware.com Affected version: 1.7.11-201108081537 Summary: phpThumb uses the GD library to create thumbnails from images JPE...

PHP 5.3.8 tidy_diagnose函数拒绝服务漏洞

No description provided by source...

CVE-2012-0781

The tidydiagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153...

CVE-2011-4153

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

Null pointer dereference

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

CVE-2011-4153

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

CVE-2012-0781

The tidydiagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153...

CVE-2011-4153

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

PHP 5.3.8 - Hashtables Denial of Service

PHP 5.3.8 - Hashtables Denial of Service Exploit Title: CVE-2011-4885 PHP Hashtables Denial of Service Exploit Date: 1/1/12 Author: infodox Software Link: php.net Version: 5.3. Tested on: Linux CVE : CVE-2011-4885 Exploit Download -- http://infodox.co.cc/Downloads/phpdos.txt...

PHP 5.3.8 - Hashtables Denial of Service

Exploit Title: CVE-2011-4885 PHP Hashtables Denial of Service Exploit Date: 1/1/12 Author: infodox Software Link: php.net Version: 5.3. Tested on: Linux CVE : CVE-2011-4885 Exploit Download -- http://infodox.co.cc/Downloads/phpdos.txt...

Mandriva Update for php-apc MDVA-2011:068 (php-apc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for php-apc MDVA-2011:068 (php-apc)

Check for the Version of php-apc OpenVAS Vulnerability Test Mandriva Update for php-apc MDVA-2011:068 php-apc Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

11in1 CMS 1.0.1 - &#039;do.php&#039; CRLF Injection

11in1 CMS v1.0.1 do.php CRLF Injection Vulnerability Vendor: 11in1 Product web page: http://www.11in1.org Affected version: 1.0.1 Summary: Eleven in One is an open-source content management system CMS that is powered by PHP and MySQL. It does not only help you manage your personal blog but also...

Mandriva Linux Security Advisory : php (MDVSA-2011:165)

Multiple vulnerabilities has been identified and fixed in php : Use-after-free vulnerability in the substrreplace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified other impact by using the same variabl...

Sql injection

include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service resource consumption and inbox outage, via a Subject header containing only a URL, a related issue to...

CVE-2011-4078

include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service resource consumption and inbox outage, via a Subject header containing only a URL, a related issue to...