100 matches found
PHP 5.2.9 cURL 'safe_mode' and 'open_basedir' Restriction-Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34475/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access files in unauthorized locations. This vulnerability would be an issue in...
Exploits for Two-Year-Old PHP Security Vulnerability Found
Close to two years ago, a serious vulnerability in PHP was accidentally disclosed after it was discovered months prior during a hacking contest. A patch was released in relatively short order, and one would assume that given PHP’s prevalence as a web development framework, the fix would have been...
PHP 5.4.x < 5.4.17 Buffer Overflow
Binary data 801405.prm...
EUVD-2013-4042
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct function...
phpcms 2008 /yp/job.php SQL注入漏洞
No description provided by source...
PHP 5.4.3 多个空指针引用拒绝服务漏洞
BUGTRAQ ID: 53643 PHP是一种HTML内嵌式的语言,PHP与微软的ASP颇有几分相似,都是一种在服务器端执行的嵌入HTML文档的脚本语言,语言的风格有类似于C语言,现在被很多的网站编程人员广泛的运用。 PHP 5.4.3之前版本在实现时存在空指针引用导致的多个拒绝服务漏洞,攻击者可利用这些漏洞造成应用崩溃。 0 PHP 5.4.3 厂商补丁: PHP --- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.php.net ?php / PHP = 5.4.3 wddxserialize /...
PHP 'magic_quotes_gpc'安全绕过漏洞(CVE-2012-0831)
Bugtraq ID: 51954 CVE ID:CVE-2012-0831 Php存在一个安全漏洞允许远程禁用magicquotesgpc,这允许远程攻击者绕过防止SQL注入的限制 0 PHP 5.3.8 PHP 5.3.7 PHP 5.3.6 PHP 5.3.2 PHP 5.2.4 PHP 5.3.5 PHP 5.3.4 PHP 5.3.3 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: https://bugs.php.net/bug.php?id=61043...
Null pointer dereference
The tidydiagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153...
PHP 5.3.7之前版本空指针引用拒绝服务漏洞
Bugtraq ID: 49249 PHP是一款流行的编程语言。 php 5.3.6存在多个空指针应用错误,如果用户更改malloc大小,可导致空指针引用而使应用程序崩溃。 要演示这些缺陷,可使用OpenBSD中默认512MB的默认内存限制。我们可以分配类似510MB的大内存剩余2MB,如果某些字符串超过2MB如4MB,PHP尝试使用malloc/strlen等拷贝这个字符串,malloc就会返回空。之后程序会引发空指针引用或缓冲区溢出。 PHP 5.3.7 厂商解决方案 PHP 5.3.7已经修复此漏洞,建议用户下载使用: http://www.php.net/ 127 ulimit ...
CVE-2011-2202
The rfc1867posthandler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request...
PHP <5.3.6 shmop_read() 函数整数溢出漏洞
No description provided by source...
PHP 5.3.2 - zend_strtod() Floating-Point Value Denial of Service
PHP 5.3.2 - zendstrtod Floating-Point Value Denial of Service source: https://www.securityfocus.com/bid/45668/info PHP is prone to a remote denial-of-service vulnerability. Successful attacks will cause applications written in PHP to hang, creating a denial-of-service condition. PHP 5.3.3 is...
php168 6.0 style.php 信息泄漏漏洞
No description provided by source...
php 5.1.2 file.c 权限提升漏洞
No description provided by source...
PHP rfc822_write_address 拒绝服务漏洞
No description provided by source...
CVE-2009-3559
main/streams/plainwrapper.c in PHP 5.3.x before 5.3.1 does not recognize the safemodeincludedir directive, which allows context-dependent attackers to have an unknown impact by triggering the failure of PHP scripts that perform include or require operations, as demonstrated by a script that...
PHP 5.3.0 pdflib file disclosure
Exploit for unknown platform in category web applications ================================ PHP 5.3.0 pdflib file disclosure ================================ Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- ...
CVE-2009-3292
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."...
CVE-2008-7068
The dbareplace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service file truncation via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have...
CVE-2007-5899
The outputaddrewritevar function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a loca...