74 matches found
Drupal 8 configuration file download vulnerability analysis-vulnerability warning-the black bar safety net
Author: p0wd3r know Chong Yu 4 0 4 Security lab Date: 2016-09-22 0x00 vulnerability overview 1. Vulnerability description Drupal ( https://www.drupal.org is a free open source content management system, recent researchers have found in it 8. x 8.1.10 version found three security vulnerabilities,...
PHP 7.0.x < 7.0.11 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.11. It is, therefore, affected by multiple vulnerabilities : - An heap buffer overflow condition exists in the phpmysqlndrowpreadtextprotocolaux function within file ext/mysqlnd/mysqlndwireprotocol....
PHP 7.0 Denial Of Service
append$tmp; // Crash ?...
PHP 7.0 - JsonSerializable::jsonSerialize json_encode Local Denial of Service
...
PHP 7.0 - 'AppendIterator::append' Local Denial of Service
Exploit for php platform in category dos / poc append$tmp; // Crash ? 0day.today 2017-12-31...
PHP 7.0 - JsonSerializable::jsonSerialize json_encode Local Denial of Service
Exploit for php platform in category dos / poc 0day.today 2018-04-10...
PHP 7.0 - JsonSerializable::jsonSerialize json_encode Local Denial of Service
PHP 7.0 - JsonSerializable::jsonSerialize jsonencode Local Denial of Service...
PHP 7.0 - Object Cloning Local Denial of Service
PHP 7.0 - Object Cloning Local Denial of Service obj = clone $this; return $this-obj; $obj = new MyCloneableClass; $obj2 = clone $obj; ?...
PHP 7.0.x < 7.0.10 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.10. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the objectcommon2 function in varunserializer.c that occurs when handling objects during deserialization...
PHP 7.0.x < 7.0.9 Multiple Vulnerabilities (httpoxy)
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.9. It is, therefore, affected by multiple vulnerabilities : - A man-in-the-middle vulnerability exists, known as 'httpoxy', due to a failure to properly resolve namespace conflicts in accordance wit...
Internet Bug Bounty: Integer underflow / arbitrary null write in fread/gzread
https://bugs.php.net/bug.php?id=72114 Integer underflow in the fread/gzread length parameter allows to write an arbitrary null byte on 64 bit platforms. This was identified with the help of ASAN and a custom fuzzer. gdb run gzread2.php Starting program: /home/operac/php/php-56/sapi/cli/php...
PHP 7.0.x < 7.0.5 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.5. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...
PHP 7.0.x < 7.0.4 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.4. It is, therefore, affected by multiple vulnerabilities : - A type confusion error exists in file ext/soap/phphttp.c in the makehttpsoaprequest function when handling cookie data. An...
PHP 7.0.x < 7.0.3 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.3. It is, therefore, affected by multiple vulnerabilities : - The Perl-Compatible Regular Expressions PCRE library is affected by multiple vulnerabilities related to the handling of regular...