186 matches found
CVE-2023-47621
CVE-2023-47621 affects the Guest Entries PHP library. In affected versions, the file uploads feature does not validate uploaded content, allowing authenticated users to upload PHP files that may lead to remote code execution on the server. The issue is explicitly fixed in version 3.1.2; upgrading...
CVE-2023-47621 Remote code execution via file uploads in guest-entries
Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This vulnerability is fix...
CVE-2023-47621 Remote code execution via file uploads in guest-entries
Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This vulnerability is fix...
CVE-2023-41330
knplabs/knp-snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Issue On March 17th the vulnerability CVE-2023-28115 was disclosed, allowing an attacker to gain remote code execution through PHAR deserialization. Version 1.4.2 added a check if...
CVE-2023-41330 Unsafe deserialization in knplabs/knp-snappy
knplabs/knp-snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Issue On March 17th the vulnerability CVE-2023-28115 was disclosed, allowing an attacker to gain remote code execution through PHAR deserialization. Version 1.4.2 added a check if...
CVE-2023-41330
CVE-2023-41330 affects knplabs/knp-snappy (PHP library for thumbnail/snapshot/PDF generation). The issue is a unsafe PHAR deserialization vulnerability related to how output filenames are handled when generateFromHtml() can be controlled and passed to prepareOutput(). Although a patch was added i...
CLSA-2023-1679350425 php: Fix of 3 CVEs
CVE-2023-0567: crypt: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DoS vulnerability when parsing multipart request body...
CVE-2023-28115
Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any...
CVE-2023-28115
Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any...
UBUNTU-CVE-2023-28115
Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any...
CVE-2023-28115 Snappy vulnerable to PHAR deserialization, allowing remote code execution
Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any...
CVE-2023-28115
CVE-2023-28115 affects the knplabs/knp-snappy PHP library (Pdf/Html generation) prior to version 1.4.2. The root cause is a lack of validation for the protocol passed into file_exists(), allowing an attacker who can upload files to trigger PHAR deserialization via the phar:// wrapper and potentia...
CVE-2023-28115 Snappy vulnerable to PHAR deserialization, allowing remote code execution
Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any...
CLSA-2022-1668467919 php: Fix of 3 CVEs
CVE-2022-37454: Fix buffer overflow in the Keccak XKCP SHA-3 reference implementation - CVE-2022-31630: Fix OOB read due to insufficient input validation in imageloadfont - CVE-2021-21707: Fix improper handlig of special character which breaks path in xml parsing...
CVE-2021-38733
SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via AntBlogCat.php...
CVE-2022-31140
Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use ThrowablegetMessage when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database...
Design/Logic Flaw
Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use ThrowablegetMessage when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database...
CVE-2022-31140 Valinor error messages leading to potential data exfiltration
Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use ThrowablegetMessage when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database...
CVE-2022-31140 Valinor error messages leading to potential data exfiltration
Valinor is a PHP library that helps to map any input into a strongly-typed value object structure. Prior to version 0.12.0, Valinor can use ThrowablegetMessage when it should not have permission to do so. This is a problem with cases such as an SQL exception showing an SQL snippet, a database...
PHP Library Remote Code Execution Vulnerability
Several PHP compatibility libraries contain a potential remote code execution flaw in their jsondecode function based on having copy pasted existing vulnerable code. Affected components include the WassUp Realtime analytics WordPress plugin, AjaXplorer Core, and more. JAHx221 - RCE in copy/pasted...