Virtual Airlines Manager 2.6.2 Cross Site Scripting

Exploit Title: Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting Google Dork: inurl:"/vam/indexvamop.php" Date: 2020-06-29 Exploit Author: Peter Blue Vendor Homepage: https://virtualairlinesmanager.net Software Link: https://virtualairlinesmanager.net Version: 2.6.2 Tested on: Linu...

PHP 7.1.0 / 5.6.29 missing null byte checks for paths in ZipArchive::extractTo Vulnerability

Exploit for php platform in category dos / poc Description: ------------ ZipArchive-extractTo doesn’t ensure that pathnames lack NULL byte, which might allow attacker to manipulate the directory path. Affected method: ------------------------------------------ static ZIPARCHIVEMETHODextractTo...

PHP 5.6.29 releases, security vulnerability fixes-bug warning-the black bar safety net

The PHP development team announced PHP 5.6.29 available. This is a safe version that fixes several security vulnerabilities. Suggested that all PHP 5.6 users upgrade to this version. Update content: Mysqlnd: Fixed bug 64526 the missing mysqlnd. Add parameters to the php. ini-. Opcache: Fixed bug...