📄 Juniper JunOS 23.4 Module Scanner / Exploitation Framework

This PHP script is a modular scanner and exploitation framework targeting Juniper JunOS CVE‑2023‑36846, an arbitrary file upload vulnerability due to missing authentication.. It is designed with a clear separation of responsibilities and supports single‑target testing, interactive exploitation, a...

CVE-2025-58949

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Spock spock allows PHP Local File Inclusion.This issue affects Spock: from n/a through = 1.17...

[SECURITY] Fedora 41 Update: php-8.3.23-1.fc41

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

OS Command Exec, Unix Command Shell, Bind TCP (via netcat -e) IPv6

Execute an OS command from PHP. Listen for a connection and spawn a command shell via netcat Module Options msf use payload/php/unix/cmd/bindnetcatgapingipv6 msf payloadbindnetcatgapingipv6 show actions ...actions... msf payloadbindnetcatgapingipv6 set ACTION msf payloadbindnetcatgapingipv6 show...

[SECURITY] Fedora 40 Update: php-8.3.19-1.fc40

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

[SECURITY] Fedora 41 Update: php-8.3.19-1.fc41

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

[SECURITY] Fedora 42 Update: php-8.4.5-1.fc42

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

PHP Scripting Language Installed (Windows)

Binary data phpwininstalled.nbin...

PHP Scripting Language Installed (Unix)

Binary data phpnixinstalled.nbin...

[SECURITY] [DLA 3810-1] php7.3 security update

Debian LTS Advisory DLA-3810-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 07, 2024 https://wiki.debian.org/LTS Package : php7.3 Version : 7.3.31-1deb10u6 CVE ID : CVE-2024-2756 CVE-2024-3096 Security issues were found in PHP, a widely-used open source...

[SECURITY] [DSA 5661-1] php8.2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5661-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 15, 2024 https://www.debian.org/security/faq -...

K15793: PHP Posthandler vulnerability CVE-2014-3622

Security Advisory Description A security vulnerability in the PHP scripting language may allow remote code execution by way of the Post Handler. CVE-2014-3622 - pending Impact None. F5 products do not use vulnerable versions of PHP. Security Advisory Status F5 Product Development has assigned ID...

SUSE CVE-2007-2748

The substrcount function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375...

SUSE CVE-2016-5769

Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted length value,...

PHP Denial of Service Vulnerability

PHP is a scripting language that executes on the server side. A denial of service vulnerability exists in PHP versions prior to 7.4.31, 8.0.0 and later, 8.0.24 and earlier, and 8.1.0 and later, and 8.1.11 and earlier, which stems from the fact that the phar decompressor code recursively...

Fedora: Security Advisory for php (FEDORA-2021-9f68f5f752)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

RCE 'Bug' Found and Disputed in Popular PHP Scripting Framework

Versions of the popular developer tool Zend Framework and its successor Laminas Project can be abused by an attacker to execute remote code on PHP-based websites, if they are running web-based applications that are vulnerable to attack. However, those that maintain Zend Framework emphasize that t...

PHP buffer overflow vulnerability (CNVD-2020-33723)

PHP is an open source general-purpose computer scripting language. PHP buffer overflow vulnerability can be exploited by a remote attacker to submit a special request that can crash the application or execute arbitrary code in the application context...

USN-4279-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. CVE-2015-9253 It was discovered that PHP incorrectly handled certain inputs. An...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...