49 matches found
CVE-2022-31625
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or...
ALEA-2022:1904 new module: php:8.0
This enhancement update adds the php:8.0 module to AlmaLinux BZ1978356 For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Laravel Media Library Pro 2.1.6 Shell Upload Vulnerability
Exploit Title: Laravel Media Library Pro Vendor Homepage: https://spatie.be/ Software Link: https://spatie.be/products/media-library-pro Version: =1.17.10 & =2.1.6 Tested on: Laradock PHP 8.0 inside Ubuntu 20.04 CVE : CVE-2021-45040 Description: The Spatie media-library-pro library through 1.17.1...
CVE-2021-21708 UAF due to php_filter_float() failing
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTERVALIDATEFLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in...
PHP 8.0.x < 8.0.13 Local File Inclusion
According to its self-reported version number, the version of PHP running on the remote web server is 7.3.x prior to 7.3.33, 7.4.x prior to 7.4.26 or 8.0.x prior to 8.0.13. It is, therefore, affected by a local file inclusion vulnerability due to NULL byte special character breaking the path in x...
Church Management System 1.0 - Unrestricted File Upload to Remote Code Execution Vulnerability
Exploit Title: Church Management System 1.0 - Unrestricted File Upload to Remote Code Execution Authenticated Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11206/church-management-system.html Versio...
Security fix for the ALT Linux 10 package php8.0 version 7.3.17-alt1
April 21, 2020 Anton Farygin 7.3.17-alt1 - 7.3.17 Fixes: CVE-2020-7067...
Security fix for the ALT Linux 10 package php8.0 version 7.3.16-alt1
March 24, 2020 Anton Farygin 7.3.16-alt1 - 7.3.16 Fixes: CVE-2020-7064, CVE-2020-7065, CVE-2020-7066...
Security fix for the ALT Linux 10 package php8.0 version 7.3.13-alt1
Dec. 20, 2019 Anton Farygin 7.3.13-alt1 - 7.3.13. Fixes: CVE-2019-11046, CVE-2019-11045, CVE-2019-11049, CVE-2019-11050, CVE-2019-11047...