184 matches found
Domaintrader 2.5.3 Cross Site Scripting
i? Domaintrader v.2.5.3 Cross-Site Scripting 6th of February, 2018 Found by Uladzislau Murashka - https://sm0k3.net Vendor homepage: www.smartscriptsolutions.com Software link: http://www.smartscriptsolutions.com/domain-trader/ Version of local application copy: 2.5.2 but valid also for 2.5.3...
Zeta Components Mail 1.8.1 - Remote Code Execution
Zeta Components Mail 1.8.1 - Remote Code Execution Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: '[email protected] -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into...
Internet Bug Bounty: Out-Of-Bounds Read in timelib_meridian()
Description While deserializing an invalid dateTime value, wddxdeserialize would result in a heap out-of-bounds read in timelibmeridian. As wddxdeserialize is exposed to network data, and sometimes echo the results back to client, this issue could potentially allow remote peeking of the process...
Internet Bug Bounty: PHP OpenSSL zif_openssl_seal() heap overflow (wild memcpy)
Description: A wild memcpy is discovered in the openssl package included in stable PHP release. During parsing a PEM certificate in opensslseal, an invalid key length is produced after parsing, eskl0 value is -1 after the call to EVPSealInit, subsequently causing a heap overflow via a wild memcpy...
DCFM Blog 0.9.7 Blind SQL Injection Vulnerability
DCFM Blog version 0.9.7 suffers from a remote blind SQL injection vulnerability. DCFM Blog Version 0.9.7 Blind SQL Injection Vulnerability time based-attack ================================================================================ Description ============ Open-source blog project. Free blo...
DCFM Blog 0.9.7 Cross Site Scripting Vulnerability
DCFM Blog version 0.9.7 suffers from a cross site scripting vulnerability. DCFM Blog 0.9.7 XSS Attack =========================== Description ============ Open-source blog project. Free blog system for any website. Uses MySQL and PHP 5. Very easily customizable and incredibly flexible...
DCFM Blog 0.9.7 Blind SQL Injection
DCFM Blog Version 0.9.7 Blind SQL Injection Vulnerability time based-attack ================================================================================ Discovered by NA , NAattutanota.com ======================================== Description ============ Open-source blog project. Free blog...
DCFM Blog 0.9.7 Cross Site Scripting
DCFM Blog 0.9.7 XSS Attack =========================== Discovered by NA , NAattutanota.com ======================================== Description ============ Open-source blog project. Free blog system for any website. Uses MySQL and PHP 5. Very easily customizable and incredibly flexible...
Internet Bug Bounty: Illegal write/read access caused by gdImageAALine overflow
Upstream Bug --- https://bugs.php.net/bug.php?id=72482 Summary --- Ilegal write/read access at gdImageSetAAPixelColor caused by gdImageAALine overflow. gdImageAALine tries to clip the limit values and fails because an integer overflow occurs while calculating the new line limits. PHP 5 is affecte...
Flash Operator Panel 2.31.03 - Multiple Web Vulnerabilities
Document Title: =============== Flash Operator Panel 2.31.03 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1906 Release Date: ============= 2016-10-21 Vulnerability Laboratory ID VL-ID: ===================================...
Internet Bug Bounty: Use After Free Vulnerability in unserialize()
bug report at: https://bugs.php.net/bug.php?id=70436 fix commit at: https://github.com/php/php-src/commit/95d09e4b5e6b84f8340efe03e8e2f9c1380228db Use After Free Vulnerability in unserialize Taoguang Chen - Write Date: 2015.9.6 - Release Date: 2016.8.18 A use-after-free vulnerability was discover...
Subrion v4.0.5 CMS - SQL Injection Vulnerability
Document Title: =============== Subrion v4.0.5 CMS - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1893 Release Date: ============= 2016-08-03 Vulnerability Laboratory ID VL-ID: ==================================== 1893 Comm...
CVE-2016-1902
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/randomcompat library and the opensslrandompseudobytes function fails, which makes it easier...
CVE-2016-1902
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/randomcompat library and the opensslrandompseudobytes function fails, which makes it easier...
Design/Logic Flaw
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/randomcompat library and the opensslrandompseudobytes function fails, which makes it easier...
UBUNTU-CVE-2016-1902
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/randomcompat library and the opensslrandompseudobytes function fails, which makes it easier...
CVE-2016-1902
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/randomcompat library and the opensslrandompseudobytes function fails, which makes it easier...
CVE-2016-1902
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/randomcompat library and the opensslrandompseudobytes function fails, which makes it easier...
CVE-2016-1902
CVE-2016-1902 affects Symfony’s SecureRandom class prior to: 2.3.37, 2.6.x prior to 2.6.13, and 2.7.x prior to 2.7.9 when used with PHP 5.x without the paragonie/random_compat library. The OpenSSL/openssl_random_pseudo_bytes path may fail, causing weak or non-secure random numbers and undermining...
CVE-2016-1902
The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/randomcompat library and the opensslrandompseudobytes function fails, which makes it easier...