EUVD-2007-0924

Malware in sbrugna...

EUVD-2011-0764

Malware in sbrugna...

CVE-2022-4063

The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers...

CVE-2023-52262

outdoorbits little-backup-box aka Little Backup Box before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted input...

Input validation

outdoorbits little-backup-box aka Little Backup Box before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted input...

CVE-2023-52262

Outdoorbits Little-backup-box; vulnerable in versions prior to f39f91c due to untrusted input being fed to PHP extract, enabling remote code execution. A fix exists in the commit f39f91c; advised remediation is to update to a version after f39f91c (or temporarily disable PHP extract for untrusted...

Design/Logic Flaw

The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers...

CVE-2007-0930

Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function...