2 matches found
BIT-PHP-2024-8926 PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)
In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using a certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 https://github.com/advisories/GHSA-vxpp-6299-mxw3 may still be bypassed and the same command injection related to Windows...
PHP 8.3.x < 8.3.12 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.3.12. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.3.12 advisory. - In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using a certain non- standard configurations ...