95 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2018-5711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - gd_gif_in.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer...

CVSS 5.5 | AI score 6.5 | EPSS 0.10274 | Exploits 1 | References 2
OSV
added 2024/09/13 10:3 p.m. | 40 views

RHSA-2020:1624 Red Hat Security Advisory: php:7.2 security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.5 | AI score 8 | EPSS 0.25106 | Exploits 14 | References 72
OSV
added 2024/09/13 10:2 p.m. | 42 views

RHSA-2019:3299 Red Hat Security Advisory: rh-php72-php security update

Bulletin has no description...

CVSS 8.1 | AI score 7.9 | EPSS 0.94053 | Exploits 75 | References 89
OSV
added 2024/05/30 4:13 p.m. | 9 views

GHSA-F9HR-7CFQ-MJG2 TYPO3 Arbitrary Code Execution via File List Module

Due to missing file extensions in $GLOBALS['TYPO3_CONF_VARS']['BE']['fileDenyPattern'], backend users are allowed to upload .phar, .shtml, .pl or .cgi files which can be executed in certain web server setups. A valid backend user account is needed in order to exploit this vulnerability. Derivatives of...

CVSS 8.8 | AI score 7.1 | Exploits 0 | References 5
Amazon
added 2024/02/05 12:0 a.m. | 51 views

Important: php73

Issue Overview: A flaw was discovered in the link function in PHP. When compiled on Windows, it does not correctly handle paths containing NULL bytes. An attacker could abuse this flaw to bypass application checks on file paths. CVE-2019-11044 In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.1...

CVSS 9.8 | AI score 8.1 | EPSS 0.41483 | Exploits 6
Tenable Nessus
added 2023/11/07 12:0 a.m. | 66 views

Rocky Linux 8 : php:7.2 (RLSA-2019:3735)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2019:3735 advisory. - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to writ...

CVSS 9.8 | AI score 8 | EPSS 0.94053 | Exploits 53 | References 3
Tenable Nessus
added 2023/11/06 12:0 a.m. | 69 views

Rocky Linux 8 : php:7.2 (RLSA-2020:1624)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1624 advisory. - In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an...

CVSS 9.8 | AI score 6.8 | EPSS 0.25106 | Exploits 14 | References 35
Tenable Nessus
added 2023/09/07 12:0 a.m. | 48 views

Oracle Linux 8 : php:7.2 (ELSA-2020-1624)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1624 advisory. - An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode can allow a hostile XMLRPC...

CVSS 9.8 | AI score 6.8 | EPSS 0.25106 | Exploits 14 | References 18
F5 Networks
added 2023/02/21 7:0 p.m. | 64 views

K28464509: PHP vulnerability CVE-2018-7584

Security Advisory Description In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in...

CVSS 9.8 | AI score 8 | EPSS 0.83066 | Exploits 3
F5 Networks
added 2023/02/21 6:7 p.m. | 54 views

K45991967: PHP vulnerability CVE-2020-7060

Security Advisory Description When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may...

CVSS 9.1 | AI score 7 | EPSS 0.06404 | Exploits 1
OSV
added 2022/07/07 9:53 p.m. | 1 view

USN-5479-3 php7.2 regression

USN-5479-1 fixed vulnerabilities in PHP. Unfortunately that update for CVE-2022-31625 was incomplete for Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Charles Fol discovered that PHP incorrectly handled initializing certain arrays...

CVSS 8.1 | AI score 7.4 | EPSS 0.01479 | Exploits 1 | References 2
0day.today
added 2021/11/03 12:0 a.m. | 170 views

Ultimate POS 4.4 - (name) Cross-Site Scripting Vulnerability

Exploit Title: Ultimate POS 4.4 - 'name' Cross-Site Scripting XSS Vendor Homepage: https://ultimatefosters.com/docs/ultimatepos/ Version: 4.4 Product & Service Introduction: =============================== The Ultimate POS is a erp, stock management, point of sale & invoicing web-application. The...

AI score 7.1 | Exploits 0
Packet Storm
added 2021/10/26 12:0 a.m. | 494 views

Ultimate POS 4.4 Cross Site Scripting

Document Title: =============== Ultimate POS v4.4 - Products Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2296 Release Date: ============= 2021-10-26 Vulnerability Laboratory ID VL-ID: ====================================...

AI score 7.4 | Exploits 0
Exploit DB
added 2021/07/08 12:0 a.m. | 388 views

Wyomind Help Desk 1.3.6 - Remote Code Execution (RCE)

Exploit Title: Wyomind Help Desk 1.3.6 - Remote Code Execution RCE Date: 2021-07-07 Exploit Author: Patrik Lantz Vendor Homepage: https://www.wyomind.com/magento2/helpdesk-magento-2.html Version: Content-Type: multipart/form-data; boundary=---------------------------243970849510445067673127196635...

AI score 7.4 | Exploits 0
Huntr
added 2021/03/30 11:47 a.m. | 11 views

Cross-site Scripting (XSS) - Stored in harish81/digidocu

✍️ Description DigiDocu is a CMS written in PHP using Laravel Framework. Laravel uses Blade templating engine which sanitizes the HTML by default. But DigiDocu is trying to render some HTML content without validating the input that comes from the user's profile ie. users can write some HTML using...

AI score 0.3 | Exploits 0
Tenable Nessus
added 2021/02/01 12:0 a.m. | 105 views

CentOS 8 : php:7.2 (CESA-2020:1624)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1624 advisory. - php: Buffer over-read in PHAR reading functions CVE-2018-20783 - php: Heap buffer overflow in function exif_process_IFD_TAG CVE-2019-11034 - php: Heap...

CVSS 9.8 | AI score 6.9 | EPSS 0.25106 | Exploits 14 | References 18
Tenable Nessus
added 2020/10/09 12:0 a.m. | 72 views

PHP 7.2.x < 7.2.34 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.34, 7.3.x prior to 7.3.23 or 7.4.x prior to 7.4.11. It is, therefore, affected by multiple vulnerabilities: - When AES-CCM mode is used with openssl_encrypt function with 12 byt...

CVSS 6.5 | AI score 6.8 | EPSS 0.26088 | Exploits 1 | References 3
Tenable Nessus
added 2020/10/09 12:0 a.m. | 1290 views

PHP 7.2 < 7.2.34 / 7.3.x < 7.3.23 / 7.4.x < 7.4.11 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.34, 7.3.x prior to 7.3.23 or 7.4.x prior to 7.4.11. It is, therefore, affected by multiple vulnerabilities: - A weak cryptography vulnerability exists in PHP's openssl_encrypt...

CVSS 6.5 | AI score 7 | EPSS 0.26088 | Exploits 1 | References 7
Cvelist
added 2020/10/02 2:14 p.m. | 25 views

CVE-2020-7069 Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data...

CVSS 5.4 | AI score 7 | EPSS 0.08351 | Exploits 0 | References 13
RedhatCVE
added 2020/08/11 5:43 p.m. | 34 views

CVE-2020-7068

In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure...

CVSS 3.3 | AI score 2.7 | EPSS 0.00754 | Exploits 1 | References 3