710 matches found
CVE-2025-61247
indieka900 online-shopping-system-php 1.0 is vulnerable to SQL Injection in the password parameter of login.php...
EUVD-2025-35439
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Medizin medizin allows PHP Local File Inclusion.This issue affects Medizin: from n/a through 1.9.7...
EUVD-2021-2198
Malware in sbrugna...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: php-pear (UTSA-2025-003053)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-003053 advisory. ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to overwrite files can...
EUVD-2025-26013
Malicious code in bioql PyPI...
EUVD-2025-28287
Malicious code in bioql PyPI...
EUVD-2025-27826
Malicious code in bioql PyPI...
LFI-SQLI-SSRF
🕵️♀️ Labo Web Vulnérable – Étape 1 : LFI Local File Inclusio...
CVE-2025-57925 WordPress immonex Kickstart Team Plugin <= 1.6.9 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in immonex immonex Kickstart Team immonex-kickstart-team allows PHP Local File Inclusion.This issue affects immonex Kickstart Team: from n/a through = 1.6.9...
WordPress plugin Easy Pricing Table WP security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
malSploitBase
This repository contains a collection of exploit code and research related to various malware and crimeware tools. The exploits are categorized into different sections, including Banking, Exploit Pack, and Http Botnets. The Banking section contains exploits for various banking malware, such as...
anti-xss
It is an offensive tool for PHP. The primary CVE ID is not explicitly mentioned in the provided context, but the tool is designed to prevent Cross-site scripting XSS attacks. The target product/service is PHP, and the vulnerability class/vector is XSS. The probable entry points are not explicitly...
CVE-2007-4596 vulnerabilities
Vulnerabilities for packages: php...
CVE-2007-2728 vulnerabilities
Vulnerabilities for packages: php...
Moderate: Red Hat Security Advisory: php:8.2 security update
An update for the php:8.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
WordPress plugin Blog Designer PRO 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-34024 · Unknown · Funnelkit Funnel Builder
Name of the Vulnerable Software and Affected Versions: FunnelKit Funnel Builder versions through 3.11.1 Description: This issue involves an improper control of filename for include/require statements in PHP programs, specifically a PHP Local File Inclusion vulnerability within FunnelKit Funnel...
WordPress plugin Urna 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
BIT-LIBPHP-2024-5458 Filter bypass in filter_var (FILTER_VALIDATE_URL)
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, due to a code logic error, filtering functions such as filtervar when validating URLs FILTERVALIDATEURL for certain types of URLs the function will result in invalid user information username + password part of URLs being...
BIT-LIBPHP-2020-7065 mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mbstrtolower function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution...