654 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-5712
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error pag...
Linux Distros Unpatched Vulnerability : CVE-2019-9020
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode can lea...
Linux Distros Unpatched Vulnerability : CVE-2015-4026
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which...
Linux Distros Unpatched Vulnerability : CVE-2016-7125
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote...
Linux Distros Unpatched Vulnerability : CVE-2017-9226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read...
Linux Distros Unpatched Vulnerability : CVE-2015-4147
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array...
Linux Distros Unpatched Vulnerability : CVE-2017-7272
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is...
Linux Distros Unpatched Vulnerability : CVE-2015-5589
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer...
Linux Distros Unpatched Vulnerability : CVE-2006-7243
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe...
Linux Distros Unpatched Vulnerability : CVE-2010-3870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it...
ABB Cylon Aspect 3.08.02 PHP Session Fixation
ABB Cylon Aspect version 3.08.02 is vulnerable to session fixation, allowing an attacker to set a predefined PHPSESSID value. An attacker can leverage an unauthenticated reflected cross-site scripting vulnerability in jsonProxy.php to inject a crafted request, forcing the victim to adopt a fixate...
CVE-2025-22508
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Event Lite fat-event-lite allows PHP Local File Inclusion. This issue affects FAT Event Lite: from n/a through <= 1.1...
CVE-2022-4606
PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3...
CVE-2024-52381
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Shoaib Rehmat ZIJ KART zij-kart allows PHP Local File Inclusion. This issue affects ZIJ KART: from n/a through <= 1.1...
CVE-2024-54225
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in codegearthemes Designer designer allows PHP Local File Inclusion. This issue affects Designer: from n/a through <= 1.4.1...
BIT-PHP-MIN-2020-7061 heap-buffer-overflow in phar_extract_file
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash...
WordPress plugin Email Reminders cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Email Reminders version 2.0.5 and previous versions of cross-site scripting vulnerabili...
WordPress Plugin DynamicTags SQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerability exists in WordPress plugin DynamicTags version 1.4.0 and earlier versions,...
php:8.2 security update
An update is available for php-pecl-zip, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3, php-pecl-rrd, module.php-pecl-rrd, module.php-pecl-zip, php-pecl-apcu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severit...
php:8.2 security update
An update is available for module.libzip, module.php-pecl-apcu, module.php-pecl-xdebug3, module.php-pecl-zip, php-pecl-rrd, module.php-pear, module.php-pecl-rrd, php-pecl-zip, php, libzip, module.php, php-pecl-apcu, php-pecl-xdebug3, php-pear. This update affects Rocky Linux 8. A Common...