SQL injection vulnerability in the background management system of the small program of Five Grams Mall

Five grams of mall small program background management system is a PHP development with background WeChat mall small program source code. Five grams mall applet background management system SQL injection vulnerability, the vulnerability is due to the system fails to user-submitted data for...

A vulnerability exists in the ext/standard/var_unserializer.re PHP hypertext processor, which allows an attacker to potentially compromise the integrity of data.

The vulnerability in ext/standard/varunserializer.re of the PHP hypertext processor is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker, operating remotely, to potentially compromise the integrity of PHP data...

USN-3382-1 php5, php7.0 vulnerabilities

It was discovered that the PHP opcache created keys for files it cached based on their filepath. A local attacker could possibly use this issue in a shared hosting environment to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS. CVE-2015-8994 It was discovered that the PHP...

PHP 'zend_ini_do_op()' function buffer overflow vulnerability

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A security vulnerability in the 'zendinidoop' function in the Zend/zendiniparser.c file in PHP allows remote attackers to exploit the vulnerability to submit a special...

DEBIAN-CVE-2017-9225

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigencunicodegetcasefoldcodesbystr occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in...

ALPINE-CVE-2017-9226

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetchtoken and...

PHP Denial of Service Vulnerability (CNVD-2017-06133)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

PHP Denial of Service Vulnerability (CNVD-2017-05493)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

EasyCom For PHP Buffer Overflow Vulnerability

Easycom is a solution for developing and deploying applications across all platforms. A buffer overflow vulnerability exists in the EasyCom PHP API. An attacker could exploit this vulnerability to execute arbitrary code on an affected system...

PHP 'ext/mysqli/mysqli.c' Denial of Service Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. PHP...

PHP DEP Violation Remote Code Execution Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

PHP Denial of Service Vulnerability (CNVD-2017-01943)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

UBUNTU-CVE-2016-3124

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...

PHP 'gdImageCreateFromGd2Ctx()' Function Denial of Service Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

PHP has multiple vulnerabilities

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. PHP versions 5.6.x, 7.0.x suffer from a remote denial of service, remote access to sensitive information, and remote command execution vulnerabilities. An attacker can...

UBUNTU-CVE-2016-9934

ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service NULL pointer dereference via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string...

PHP Standard PHP Library Memory Misreference Vulnerability (CNVD-2017-00067)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and program extensions in C, C++, etc. The Standard PHP Libra...

u5cmszip_en Cms Cross Site Scripting Vulnerability

u5CMS is a content management system CMS based on PHP, MySQL and Apache for medium-sized websites, conferences, audit processes, PayPal payments and online surveys. The system supports WYSIWYG editor, creating survey forms and data storage. A cross-site scripting vulnerability exists in the...

PHP 'ext/wddx/wddx.c' Null Pointer Reference Remote Denial of Service Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A nu...

Zikula Directory Traversal Vulnerability

Zikula is the Zikula Foundation's set of PHP application frameworks for building and maintaining Web sites, which can be extended with third-party add-on modules into communities, portals, e-commerce, and more. A directory traversal vulnerability exists in the jcss.php file in Zikula versions 1.3...