MiracleLinux 7 : php-5.4.16-43.el7.1 (AXSA:2018-2623:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2623:01 advisory. php: Buffer over-read from unitialized data in gdImageCreateFromGifCtx function CVE-2017-7890 Tenable has extracted the preceding description block directly...

MiracleLinux 7 : php-5.4.16-46.1.0.1.el7.AXS7 (AXSA:2019-4396:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4396:02 advisory. php: underflow in envpathinfo in fpmmain.c CVE-2019-11043 Tenable has extracted the preceding description block directly from the MiracleLinux security...

ABB Cylon Aspect 3.08.00 Off-By-One

ABB Cylon Aspect 3.08.00 logMix/YumLookup.php Off-by-One Error in Log Parsing Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy...

ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure

ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building...

ABB Cylon Aspect 3.08.01 databaseFileDelete.php Command Injection

ABB Cylon Aspect 3.08.01 databaseFileDelete.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

ABB Cylon Aspect 3.08.00 yumSettings.php Command Injection

ABB Cylon Aspect 3.08.00 yumSettings.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy management and...

ABB Cylon Aspect 3.07.01 Hard-Coded Credentials

ABB Cylon Aspect 3.07.01 config.inc.php Hard-coded Credentials in phpMyAdmin Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.01 Summary: ASPECT is an award-winning scalable building energy...

ABB Cylon Aspect 3.08.01 Remote Code Execution

ABB Cylon Aspect 3.08.01 bigUpload.php Remote Code Execution Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...

Restaurant Management System 1.0 SQL Injection

Exploit Title: Restaurant Management System 1.0 - SQL Injection Date: 2023-03-20 Exploit Author: calfcrusher [email protected] Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link: https://www.sourcecodester.com/php/11815/restaurant-management-system.html Version: 1.0...

Restaurant Management System 1.0 - SQL Injection

Exploit Title: Restaurant Management System 1.0 - SQL Injection Date: 2023-03-20 Exploit Author: calfcrusher [email protected] Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link: https://www.sourcecodester.com/php/11815/restaurant-management-system.html Version: 1.0...

Restaurant Management System 1.0 - SQL Injection Vulnerability

Exploit Title: Restaurant Management System 1.0 - SQL Injection Exploit Author: calfcrusher email protected Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link: https://www.sourcecodester.com/php/11815/restaurant-management-system.html Version: 1.0 Tested on: Apache 2.4.6, PH...

Pandora 7.0NG - Remote Code Execution

Pandora 7.0NG - Remote Code Execution Exploit Title: Pandora 7.0NG - Remote Code Execution Date: 2019-11-14 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2019-20224 Vendor Homepage: https://pandorafms.org/ Software link: https://pandorafms.org/features/free-download-monitoring-software/ Version:...

Pandora 7.0NG Remote Code Execution

Exploit Title: Pandora 7.0NG - Remote Code Execution Date: 2019-11-14 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2019-20224 Vendor Homepage: https://pandorafms.org/ Software link: https://pandorafms.org/features/free-download-monitoring-software/ Version: v7.0NG Tested on: CentOS 7.3 / PHP...

Centreon 19.04 Remote Code Execution

!/usr/bin/python ''' Exploit Title: Centreon v19.04 authenticated Remote Code Execution Date: 28/06/2019 Exploit Author: Askar @mohammadaskar2 CVE : CVE-2019-13024 Vendor Homepage: https://www.centreon.com/ Software link: https://download.centreon.com Version: v19.04 Tested on: CentOS 7.6 / PHP...

Centreon 19.04 - Remote Code Execution

Centreon 19.04 - Remote Code Execution !/usr/bin/python ''' Exploit Title: Centreon v19.04 authenticated Remote Code Execution Date: 28/06/2019 Exploit Author: Askar @mohammadaskar2 CVE : CVE-2019-13024 Vendor Homepage: https://www.centreon.com/ Software link: https://download.centreon.com Versio...

Internet Bug Bounty: Use after free with assign by ref to overloaded objects

Reported: 2015-07-15 16:30 UTC Fixed: 2015-07-21 14:20 UTC Bug Report: https://bugs.php.net/bug.php?id=70083 Fixed in PHP 5.6: http://git.php.net/?p=php-src.git;a=commitdiff;h=f57cb13c566613eec0e1c2f6d96d18565436a9b7 Fixed in 7:...

RealtyScript 4.0.2 - Multiple Blind SQL Injections

RealtyScript v4.0.2 Multiple Time-based Blind SQL Injection Vulnerabilities Vendor: Next Click Ventures Product web page: http://www.realtyscript.com Affected version: 4.0.2 Summary: RealtyScript is award-winning real estate software that makes it effortless for a real estate agent, office, or...

Fedora 18 : php-5.4.16-1.fc18 (2013-10255)

06 Jun 2013, PHP 5.4.16 Core : - Fixed bug 64879 Heap based buffer overflow in quotedprintableencode, CVE-2013-2110. Stas - Fixed bug 64853 Use of no longer available ini directives causes crash on TS build. Anatol - Fixed bug 64729 compilation failure on x32. Gustavo - Fixed bug 64720 SegFault o...

Fedora 17 : php-5.4.16-1.fc17 (2013-10233)

06 Jun 2013, PHP 5.4.16 Core : - Fixed bug 64879 Heap based buffer overflow in quotedprintableencode, CVE-2013-2110. Stas - Fixed bug 64853 Use of no longer available ini directives causes crash on TS build. Anatol - Fixed bug 64729 compilation failure on x32. Gustavo - Fixed bug 64720 SegFault o...

Critical: php

Issue Overview: Heap-based buffer overflow in the phpquotprintencode function in ext/standard/quotprint.c in PHP before 5.3.26 and 5.4.x before 5.4.16 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted argument to the...