654 matches found

exploitpack
added 2007/03/01 12:0 a.m., 21 views

PHP 345 - ZendEngine Variable Destruction Remote Denial of Service

PHP 345 - ZendEngine Variable Destruction Remote Denial of Service source: https://www.securityfocus.com/bid/22764/info PHP is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input. An attacker who can run PHP code on a vulnerable computer may exploi...

0.6 AI score
Exploits: 0
Cent OS
added 2007/02/19 9:40 p.m., 77 views

php security update

CentOS Errata and Security Advisory CESA-2007:0076 Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...

10 CVSS, 6.4 AI score, 0.11752 EPSS
Exploits: 2, References: 9
Oracle linux
added 2007/02/19 12:0 a.m., 36 views

Important: php security update

4.3.9-3.22.3 - add security fix for CVE-2007-0988 4.3.9-3.22.2 - add security fixes for CVE-2007-0906, CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910 4.3.9-3.22.1 - update oci8 build from upstream Bastien Nocera, 162241 - add conditionally patch for lib64 oci8 build Xixi D'Moon, 17396...

10 CVSS, 1.4 AI score, 0.11752 EPSS
Exploits: 2
0day.today
added 2007/01/21 12:0 a.m., 44 views

webSPELL 4.01.02 (gallery.php) Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================= webSPELL 4.01.02 gallery.php Remote Blind SQL Injection Exploit ================================================================= allowredirection1; $xpl-cookiejar1; functio...

7.1 AI score
Exploits: 0
myhack58
added 2006/10/29 12:0 a.m., 18 views

Php5 GPC bypass flaw-vulnerability warning-the black bar safety net

Before discussing the specific flaw, a little background on PHP security. The magic_quotes_gpc option is one of PHP's important security settings; when the option is On, all data passed in from GET, POST and COOKIE in the'," and,...

6.9 AI score
Exploits: 0
Tenable Nessus
added 2006/10/14 12:0 a.m., 22 views

Debian DSA-919-2 : curl - buffer overflow

The upstream developer of curl, a multi-protocol file transfer library, informed us that the former correction to several off-by-one errors are not sufficient. For completeness please find the original bug description below : Several problems were discovered in libcurl, a multi-protocol file...

7.5 CVSS, 6 AI score, 0.05188 EPSS
Exploits: 0, References: 5
seebug.org
added 2006/09/26 12:0 a.m., 29 views

paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit

No description provided by source.

7.1 AI score
Exploits: 0
Packet Storm
added 2006/09/13 12:0 a.m., 68 views

phpBypass.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.1.6 / 4.4.4 Critical phpadmin bypass by inirestore Author: Maksymilian Arciemowicz cXIb8O3 Date: - - Written: 05.09.2006 - - Public: 09.09.2006 SecurityAlert Id: 42 CVE: CVE-2006-4625 SecurityRisk: High Affected Software: PHP 5.1.6 / 4.4.4 = x...

3.6 CVSS, 6.4 AI score, 0.00908 EPSS
Exploits: 2
exploitpack
added 2006/08/27 12:0 a.m., 9 views

iziContents RC6 - Remote Code Execution

iziContents RC6 - Remote Code Execution !/usr/bin/php -q -d shortopentag=on include/rssfunctions.php line 32-40: .... $GLOBALS"rootdp" = './'; requireonce $GLOBALS"rootdp"."include/config.php"; requireonce $GLOBALS"rootdp"."include/db.php"; requireonce $GLOBALS"rootdp"."include/session.php";...

0.1 AI score
Exploits: 0
securityvulns
added 2006/08/02 12:0 a.m., 105 views

PHP ip2long() function circumvention

--- PHP ip2long function circumvention -------------------------------------- tested on php 5.0.2 " 4.3.3 -------------------------------------------------------------------------------- after some test on miniBB application http://www.minibb.net/ I obtained that the php ip2long function can be...

0.2 AI score
Exploits: 0
RedHat Linux
added 2006/07/27 8:5 p.m., 5 views

Moderate: Red Hat Security Advisory: php security update for Stronghold

An updated version of PHP that addresses several security issues is now available for Stronghold 4.0 for Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language. Several security issues were...

9.3 CVSS, 7 AI score, 0.65512 EPSS
Exploits: 4, References: 8
securityvulns
added 2006/06/10 12:0 a.m., 30 views

ST AdManager Lite v1

ST AdManager Lite v1 Homepage: http://www.site-trade.com/index.php Affected files: index.php submit.php input form XSS Vulnerabilities: submit.php input forms do not correctly sanitize user input before submitting it to be checked by an admin and then published. This in turn to allow a user to...

Exploits: 0
CVE
added 2006/05/09 11:0 p.m., 50 views

CVE-2006-2283

CVE-2006-2283 affects SpiffyJr phpRaid versions 2.9.5 to 3.0.b3, enabling remote PHP code execution via remote file inclusion. Exploitation vectors involve crafted URLs in phpbb_root_path (auth.php/auth_phpbb with phpBB portal enabled) and smf_root_path (auth.php/auth_SMF with SMF portal enabled)...

7.5 CVSS, 7.7 AI score, 0.0211 EPSS
Exploits: 1, References: 8, Affected Software: 1
Prion
added 2006/04/20 6:6 p.m., 12 views

Design/Logic Flaw

nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter...

6.4 CVSS, 8.3 AI score, 0.03974 EPSS
Exploits: 0, References: 6, Affected Software: 1
Exploit DB
added 2006/04/11 12:0 a.m., 65 views

Simplog 0.9.2 - 's' Remote Command Execution

!/usr/bin/php -q -d shortopentag=on \r\n"; die; / software site: http://www.simplog.org/ description: "Simplog provides an easy way for users to add blogging capabilities to their existing websites. Simplog is written i...

7.4 AI score
Exploits: 0
Debian
added 2006/03/10 10:4 a.m., 27 views

[SECURITY] [DSA 919-2] New curl packages fix potential security problem

-------------------------------------------------------------------------- Debian Security Advisory DSA 919-2 [email protected] http://www.debian.org/security/ Martin Schulze Marth 10th, 2006 http://www.debian.org/security/faq -...

4.6 CVSS, 0.2 AI score, 0.00516 EPSS
Exploits: 0
Packet Storm
added 2006/01/15 12:0 a.m., 17 views

ezDatabase20.txt

ezDatabase 2.0 and below ezDatabase 2.0 and below ========================================= www.ezdatabase.org "ezDatabase is the foundation for your online databases. It is a powerful web based application that allows even non-technical users to create online databases for their website...

7.4 AI score
Exploits: 0
securityvulns
added 2006/01/15 12:0 a.m., 35 views

ezDatabase 2.0 and below

ezDatabase 2.0 and below ezDatabase 2.0 and below ========================================= www.ezdatabase.org "ezDatabase is the foundation for your online databases. It is a powerful web based application that allows even non-technical users to create online databases for their website...

1.5 AI score
Exploits: 0
Exploit DB
added 2006/01/05 12:0 a.m., 53 views

PHP 4.4.0 - 'mysql_connect function' Local Buffer Overflow

?php / This exploit was designed to work with PHP versions 4.3.10 and 4.4.0 under Windows XP SP 1. If another operating system is used, the replacement EIP must be changed. The replacement EIP is written 261 bytes into our string. For this exploit, I used a CALL ESI from ws232.dll from Windows XP...

7.4 AI score
Exploits: 0
UbuntuCve
added 2005/12/08 1:3 a.m., 28 views

CVE-2005-4077

Multiple off-by-one errors in the cURL library libcurl 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to...

4.6 CVSS, 6.2 AI score, 0.00516 EPSS
Exploits: 0, References: 2