654 matches found
PHP 5.2.9 cURL 'safe_mode' and 'open_basedir' Restriction-Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34475/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access files in unauthorized locations. This vulnerability would be an issue in...
deV!L`z Clanportal Witze Addon 0.9 - SQL Injection Vulnerability
No description provided by source. ======================================================================================== | Title : deV!Lz Clanportal Witze Addon Versions 0.9 SQL Injection Vulnerability | Author : Easy Laster | Download : http://dzcp-zone.de/downloads/?action=show&id=97 | Scrip...
[SECURITY] [DSA 2961-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2961-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso June 16, 2014 http://www.debian.org/security/faq -...
MGASA-2014-0215 Updated php packages fix CVE-2014-0185
Updated php packages fix security vulnerability: PHP FPM in PHP versions before 5.4.28 and 5.5.12 uses a UNIX domain socket with world-writable permissions by default, which allows any local user to connect to it and execute PHP scripts as the apache user CVE-2014-0185. Additionally updated...
Fedora 20 : php-5.5.11-1.fc20 (2014-4767)
03 Apr 2014, PHP 5.5.11 Core : - Allow zero length comparison in substrcompare Tjerk - Fixed bug 60602 procopen changes environment array Tjerk SPL : - Added feature 65545 SplFileObject::fread Tjerk cURL : - Fixed bug 66109 Can't reset CURLOPTCUSTOMREQUEST to default behaviour Tjerk - Fix...
Exploits for Two-Year-Old PHP Security Vulnerability Found
Close to two years ago, a serious vulnerability in PHP was accidentally disclosed after it was discovered months prior during a hacking contest. A patch was released in relatively short order, and one would assume that given PHP’s prevalence as a web development framework, the fix would have been...
php_address_book authentication SQL injection
SQL Injection vulnerability in PHP Address Book Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...
Integer overflow
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service application crash or obtain sensitive information via an imagecrop function call with a negative value for the 1 x or 2 y dimension, a...
PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
Binary data 8125.prm...
Advisory 01/2013: PHP openssl_x509_parse() Memory Corruption Vulnerability
SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP 5.0.x PHP 5.1.x PHP 5.2.x PHP 5.3....
Critical: php54
Issue Overview: A memory corruption flaw was found in the way the opensslx509parse function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP...
php, php53 security update
CentOS Errata and Security Advisory CESA-2013:1813 Updated php53 and php packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability...
phpmps 2.3 /Member.php SQL注入漏洞
No description provided by source...
php53 security update
CentOS Errata and Security Advisory CESA-2013:1307 Updated php53 packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common...
php53 security, bug fix and enhancement update
5.3.3-21 - add security fix for CVE-2013-4248 5.3.3-20 - add security fix for CVE-2013-4113 5.3.3-19 - add upstream reproducer for errorhandler 951075 5.3.3-18 - add security fixes for CVE-2006-7243 5.3.3-17 - reorder security patches - add security fixes for CVE-2012-2688, CVE-2012-0831,...
tipask quiz system 2. 0 ajaxsearch secondary code injection vulnerability and fix-vulnerability warning-the black bar safety net
Tipask quiz system is an open source PHP imitation Baidu know the program. To the Chinese use habit of the design concept, the use of the MVC framework, the system has a fast speed, SEO-friendly, the interface operation is clean and clear and other characteristics. But Tipask in the presence of t...
Amazon Linux AMI : php (ALAS-2011-07)
The MITRE CVE database describes these CVEs as : Revert isa behavior to php = 5.3.6 and add a new new option allowstring for the new behavior accept string and raise autoload if needed Use-after-free vulnerability in the substrreplace function in PHP 5.3.6 and earlier allows context-dependent...
PHP 5.4.x < 5.4.17 Buffer Overflow
Binary data 801405.prm...
EUVD-2013-4042
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct function...
Oracle Linux 4 : php (ELSA-2012-0071)
From Red Hat Security Advisory 2012:0071 : Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, whi...