654 matches found

OSV
added 2021/08/06 9:58 a.m. | 8 views

SUSE-SU-2021:2638-1 Security update for php72

This update for php72 fixes the following issues: - CVE-2021-21704: Fixed security issues in pdo_firebase module (bsc#1188035)...

CVSS 5.9 | AI score 6.1 | EPSS 0.0173
Exploits 1 | References 3

OSV
added 2021/08/06 9:57 a.m. | 6 views

SUSE-SU-2021:2636-1 Security update for php74

This update for php74 fixes the following issues: - CVE-2021-21704: Fixed security issues in pdo_firebase module (bsc#1188035). - CVE-2021-21705: Fixed SSRF bypass in FILTER_VALIDATE_URL (bsc#1188037)...

CVSS 5.9 | AI score 6 | EPSS 0.01945
Exploits 2 | References 5

Github Security Blog
added 2021/05/06 6:53 p.m. | 56 views

OS Command injection in Bolt

Bolt before 3.7.2 does not restrict filter options in a Request in the Twig context, and is therefore inconsistent with the "How to Harden Your PHP for Better Security" guidance...

CVSS 5.3 | AI score 5.5 | EPSS 0.01085
Exploits 0 | References 4 | Affected Software 1

Packet Storm
added 2021/03/08 12:00 a.m. | 702 views

GLPI 9.5.3 Unsafe Reflection

Exploit Title: GLPI 9.5.3 - 'fromtype' Unsafe Reflection. Date: 2021-02-13. Exploit Author: Vadym Soroka @Iterasec https://iterasec.com. Vendor Homepage: https://glpi-project.org. Software Link: https://github.com/glpi-project/glpi/releases. Version: =9.5.3. Tested on: v9.5.3, 2021-02-13. Technical...

AI score 7.1 | EPSS 0.02252
Exploits 4

OSV
added 2021/02/18 12:00 a.m. | 26 views

DLA-2564-1 php-horde-text-filter - security update

Bulletin has no description...

CVSS 6.1 | AI score 6.1 | EPSS 0.04944
Exploits 7

UbuntuCve
added 2021/02/15 4:15 a.m. | 27 views

CVE-2020-7071

In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating a URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept a URL with an invalid password as a valid URL. This may lead to functions that rely on the URL being valid to mis-parse the URL and produce wrong dat...

CVSS 5.3 | AI score 6.8 | EPSS 0.02983
Exploits 1 | References 3

OSV
added 2020/12/30 7:15 p.m. | 13 views

CVE-2020-28925

Bolt before 3.7.2 does not restrict filter options in a Request in the Twig context, and is therefore inconsistent with the "How to Harden Your PHP for Better Security" guidance...

CVSS 5.3 | AI score 7.2
Exploits 0 | References 2

Cvelist
added 2020/12/30 6:47 p.m. | 19 views

CVE-2020-28925

Bolt before 3.7.2 does not restrict filter options in a Request in the Twig context, and is therefore inconsistent with the "How to Harden Your PHP for Better Security" guidance...

AI score 5.7 | EPSS 0.01085
Exploits 0 | References 2

CNVD
added 2020/12/02 12:00 a.m. | 4 views

Code Execution Vulnerability in UCMS System

UCMS is a content management system written in PHP. A code execution vulnerability exists in UCMS, which can be exploited by attackers to execute malicious code...

AI score 7.7
Exploits 0

Packet Storm
added 2020/11/11 12:00 a.m. | 520 views

Joomla SIGE 3.4.1-FREE / 3.5.3-PRO RFI / Cross Site Scripting

Title: SIGE - Simple Image Gallery Extended Joomla extension 3.4.1-FREE / 3.5.3-PRO - Multiple Vulnerabilities: Remote File Inclusion (RFI) & Cross Site Scripting (XSS). Date: 2020-11-11. Vendor Homepage: https://kubik-rubik.de/. Software Link: https://kubik-rubik.de/sige-simple-image-gallery-extended. Softwar...

AI score 0.1
Exploits 0

Amazon
added 2020/10/28 12:00 a.m. | 118 views

Medium: php72, php73

Issue Overview: In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with the openssl_encrypt function with a 12-byte IV, only the first 7 bytes of the IV are actually used. This can lead to both decreased security and incorrect encryption data...

CVSS 7.5 | AI score 7 | EPSS 0.04969
Exploits 2

NVD
added 2020/10/02 3:15 p.m. | 22 views

CVE-2020-7070

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host- being confused with cookies that decode to such a prefix, thus leading to an attacker being...

CVSS 5.3 | EPSS 0.04969
Exploits 1 | References 15

Debian CVE
added 2020/10/02 2:14 p.m. | 45 views

CVE-2020-7070

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host- being confused with cookies that decode to such a prefix, thus leading to an attacker being...

CVSS 5.3 | AI score 6.9 | EPSS 0.04969
Exploits 1

Debian CVE
added 2020/10/02 2:14 p.m. | 35 views

CVE-2020-7069

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with the openssl_encrypt function with a 12-byte IV, only the first 7 bytes of the IV are actually used. This can lead to both decreased security and incorrect encryption data...

CVSS 6.5 | AI score 6.7 | EPSS 0.01975
Exploits 0

OSV
added 2020/09/03 10:12 a.m. | 4 views

SUSE-SU-2020:2477-1 Security update for php5

This update for php5 fixes the following issues: - CVE-2020-7068: Use of freed hash key in the phar_parse_zipfile function (bsc#1175223)...

CVSS 4.8 | AI score 5.4 | EPSS 0.01661
Exploits 1 | References 3

Cvelist
added 2020/07/01 4:54 p.m. | 14 views

CVE-2020-13619

php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attacker to achieve code execution...

AI score 9.7 | EPSS 0.02931
Exploits 0 | References 3

Packet Storm
added 2020/06/23 12:00 a.m. | 420 views

Online Student Enrollment System 1.0 Cross Site Request Forgery

Exploit Title: Online Student Enrollment System 1.0 - Cross-Site Request Forgery (Add Student). Google Dork: N/A. Date: 2020-06-20. Exploit Author: BKpatron. Vendor Homepage: https://www.campcodes.com/projects/php/4745/online-student-enrollment-system-in-php-mysqli/. Software Link:...

AI score 7.4
Exploits 0

OSV
added 2020/02/28 8:28 a.m. | 20 views

SUSE-SU-2020:0522-1 Security update for php5

This update for php5 fixes the following issues: Security issues fixed: - CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail (bsc#1146360). - CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment (bsc#1145095). - CVE-2019-11043: Fixed possible remote code execution via...

CVSS 9.8 | AI score 8.1 | EPSS 0.9947
Exploits 61 | References 20

Amazon
added 2020/02/24 12:00 a.m. | 74 views

Medium: php73

Issue Overview: When using the fgetss function to read data with tag stripping, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash...

CVSS 9.1 | AI score 7.5 | EPSS 0.08888
Exploits 2

UbuntuCve
added 2019/12/23 3:15 a.m. | 53 views

CVE-2019-11045

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, the PHP DirectoryIterator class accepts filenames with an embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access...

CVSS 5.9 | AI score 6.8 | EPSS 0.08818
Exploits 1 | References 3