PHP 8.1.x < 8.1.31 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.31, 8.2.x prior to 8.2.26, or 8.3.x prior to 8.3.14. It is, therefore, affected by multiple vulnerabilities: - OOB access in ldapescape. CVE-2024-8932 - Leak partial content of the...

Updated php packages fix security vulnerabilities

Core: - Corrupted memory in destructor with weak references - GC does not scale well with a lot of objects created in destructor DOM: - Add some missing ZPP checks. - Fix potential memory leak in XPath evaluation results. FPM: - Fix incorrect check in fpmshmfree. Gettext: - Fixed sigabrt...

MGASA-2019-0307 Updated php and pcre2 packages fix security vulnerabilities

Updated php and pcre2 packages fix security vulnerabilities: - FPM 78599 envpathinfo underflow in fpmmain.c can lead to RCE. CVE-2019-11043 - MBString 78633 Heap buffer overflow read in mberegi. - Mysqlnd 78525 Memory leak in pdo when reusing native prepared statements. - PCRE 78272 calling...

PHP 7.3.0 [alpha|beta] < 7.3.0 Multiple vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.3.0 alpha|beta prior to 7.3.0. It is, therefore, affected by multiple vulnerabilities: - An arbitrary command injection vulnerability exists in the imapopen function due to improper filters for mailbox names prior t...

MGASA-2015-0231 Updated php packages fix security vulnerabilities

Updated php packages fix security vulnerabilities: Memory Corruption in pharparsetarfile when entry filename starts with null CVE-2015-4021. Integer overflow in ftpgenlist resulting in heap overflow, potentially exploitable by a hostile FTP server CVE-2015-4022. PHP Multipart/form-data parsing...

Medium: php55

Issue Overview: sapi/cgi/cgimain.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a character and lacks a newlin...

MGASA-2014-0367 Updated php packages fix multiple security vulnerabilities

Updated php packages fix security vulnerabilities: Integer overflow in the cdfreadpropertyinfo function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service application crash via a craft...

PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities

Binary data 8125.prm...

PHP < 5.3.2 / 5.2.13 Multiple Vulnerabilities

Binary data 801102.prm...

PHP 5.2.10及之前版本存在多个安全漏洞

Bugraq ID: 36449 PHP是一款流行的网络编程语言。 PHP存在多个未明安全问题，具体如下： -phpopensslapplyverificationpolicy中存在证书校验问题。 -imagecolortransparent对颜色索引缺少充分过滤检查。 -对exif处理缺少充分的过滤检查。 PHP PHP 5.2.10 PHP PHP 5.2.9 -2 PHP PHP 5.2.9 PHP PHP 5.2.8 PHP PHP 5.2.7 PHP PHP 5.2.6 PHP PHP 5.2.5 PHP PHP 5.2.4 PHP PHP 5.2.3 PHP PHP 5.2....

Php Recommend &lt;= 1.3 (AB/RFI/CI) Multiple Remote Vulnerabilities

No description provided by source. Php Recommend =1.3 Authentication Bypass/Remote File Include/Code Injection Exploits Author: scriptjunkie scriptjunkie.1 nospam googlemail nospam com Condition: RFI: allowurlfopen = On code injection: magicquotesgpc = Off Exploits: Authentication Bypass: change...

Multiple PHP security vulnerabilities

Crossite scripting, DoS, protection bypass, buffer overflows...

PHP, ASP, CGI web applications security vulnerabilities

No description provided...

Security holes in two PHP services.

The first one is poll "avotravis " versions 2.1 and less. 1 Distortion of the limitations of multiple votes : Set the cookie with the name "alreadyvoted" and value "1" to the url /avotravis.php3?vote=1 for "yes" and /avotravis.php3?vote=1 for "no". 2 Access to the part administration : Set the...