UBUNTU-CVE-2021-21702

In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash...

RGCMS suffers from a file upload vulnerability (CNVD-2021-03290)

RGCMS RuiGu content management system is a set of open source building management system , using PHP language , written in the framework of Thinkphp5.1. , the database using MYSQL database . RGCMS file upload vulnerability , an attacker can use this vulnerability to obtain control of the server...

CVE-2021-3007

Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer...

Deserialization of untrusted data

DISPUTED Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no...

CVE-2021-3007

Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer...

CVE-2021-3007

Laminas-http

The vulnerability of the urldecode() function in the PHP programming language, related to reading beyond the allowable buffer data limits, allows attackers to gain access to protected information.

The vulnerability of the urldecode function in the PHP programming language is related to reading data beyond the allowable buffer size. Exploiting this vulnerability can allow an attacker to gain access to protected information...

Pluck Code Issue Vulnerability

Pluck is a Content Management System CMS developed in PHP. A code issue exists in Pluck CMS versions prior to 4.7.13, which stems from a file upload limit bypass vulnerability that allows a privileged administrator user to access the host computer via the "Manage Files" feature, which could lead ...

Command execution vulnerability exists in MyuCMS (CNVD-2020-67559)

MyuCMS front-end is built with UIkit framework, back-end is built with layui back-end framework and back-end is developed with PHP+MYSQL. A command execution vulnerability exists in MyuCMS, which can be exploited to gain server privileges...

penetration

This repository contains a collection of 0-day exploits for various web applications, including CMS platforms. The exploits are categorized by the affected application, and each category contains multiple exploits. The exploits are written in various programming languages, including PHP, Python,...

SQL Injection Vulnerability in UCMS v1.4.8

UCMS is a content management system written in PHP. UCMS v1.4.8 suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

php: Out of bounds read when parsing EXIF information

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure o...

File Upload Vulnerability in WeLive Online Customer Service System of Beijing Wein Software

WeLive customer service system uses WebSocket communication technology, based on PHP development, does not rely on the official server. It supports full-duplex communication between the client browser and the remote host, that is, it allows the server to actively push information to the client,...

[SECURITY] [DSA 4719-1] php7.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4719-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 06, 2020 https://www.debian.org/security/faq -...

WordPress Input Validation Error Vulnerability (CNVD-2021-24380)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An input validation error vulnerability exists in WordPress that originates from a web system or product that...

Unspecified Vulnerability in 2pi Software Cmfive

2pi Software Cmfive is Australia's 2pi Software's set of PHP language , mainly used for ERP systems built on open source Web application framework . A security vulnerability exists in the system/classes/DbPDO.php file in 2pi Software Cmfive versions 2015-03-15 and earlier, which can be exploited ...

The vulnerability in the implementation of the getheaders() function in the PHP interpreter allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the getheaders function implementation in the PHP programming language is related to insufficient validation of input data when processing links using the \0 symbol. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to...

SQL injection vulnerability in the la***_ty*** parameter of the ordasoft-cck component of Joomla!

Developed with PHP language and MySQL database, Joomla! is a content management system. A SQL injection vulnerability exists in the laty parameter of the Joomla! ordasoft-cck component. An attacker can exploit this vulnerability to obtain sensitive database information...

SQL Injection Vulnerability in Us*** Parameters of Joomla! ordasoft-cck Component

Developed with PHP language and MySQL database, Joomla! is a content management system. A SQL injection vulnerability exists in the Us parameter of the Joomla! ordasoft-cck component, which can be exploited by an attacker to obtain sensitive information about a database...

php: Uninitialized read in exif_process_IFD_in_MAKERNOTE

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinMAKERNOTE because of mishandling the makernote-offset relationship to valuelen...