CVE-2006-7243

PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the fileexists function...

Fedora 13 : maniadrive-1.2-23.fc13 / php-5.3.4-1.fc13.1 / php-eaccelerator-0.9.6.1-3.fc13 (2010-19011)

Security Enhancements and Fixes in PHP 5.3.4 : - Fixed crash in zip extract method possible CWE-170. - Paths with NULL in them foo\0bar.txt are now considered as invalid CVE-2006-7243. - Fixed a possible double free in imap extension Identified by Mateusz Kocielski. CVE-2010-4150. - Fixed NULL...

Fedora 14 : maniadrive-1.2-23.fc14 / php-5.3.4-1.fc14.1 / php-eaccelerator-0.9.6.1-3.fc14 (2010-18976)

Security Enhancements and Fixes in PHP 5.3.4 : - Fixed crash in zip extract method possible CWE-170. - Paths with NULL in them foo\0bar.txt are now considered as invalid CVE-2006-7243. - Fixed a possible double free in imap extension Identified by Mateusz Kocielski. CVE-2010-4150. - Fixed NULL...

PHP 5.3.2 - zend_strtod() Floating-Point Value Denial of Service

PHP 5.3.2 - zendstrtod Floating-Point Value Denial of Service source: https://www.securityfocus.com/bid/45668/info PHP is prone to a remote denial-of-service vulnerability. Successful attacks will cause applications written in PHP to hang, creating a denial-of-service condition. PHP 5.3.3 is...

PHPOK V3. 0 local include vulnerability-vulnerability warning-the black bar safety net

PHPOK V3. 0 can be directly included file Vulnerability code: app\www\control\js.php function indexf $act = $this-translib-safe the"act"; iffileexistsROOTJS.$ act.". php" includeROOTJS.$ act.". php"; else echo "ERROR"; exit; Vulnerability testing EXP to:...

PHP 5.3 < 5.3.4 Multiple Vulnerabilities

According to its banner, the version of PHP 5.3 installed on the remote host is older than 5.3.4. Such versions may be affected by several security issues : - A crash in the zip extract method. - A stack-based buffer overflow in impagepstext of the GD extension. - An unspecified vulnerability...

php security update

5.1.6-27.3 - add security fix for CVE-2010-3870 626735 5.1.6-27.2 - fix varexport test cases 626735 5.1.6-27.1 - add security fixes for CVE-2010-1917, CVE-2010-3065, CVE-2010-2531, CVE-2010-1128, CVE-2010-0397 626735...

PHP multiple security vulnerabilities

phar extension information leaks, SPLObjectStorage information leaks, error messages information leaks, variables spoofing...

PHP Remote File Include Generic Code Execution

This module can be used to exploit any generic PHP file include vulnerability, where the application includes code like the following: This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PHP Remote...

Fedora 11 : glpi-0.72.4-2.svn11035.fc11 (2010-5188)

This version correct several bugs. Full upstream changelog : Bug 1893: Unable to access to the model of phones dictionnary Bug 1904: Vlan not add using Template Bug 1906: Message-ID should not use $SERVER'HTTPHOST' Bug 1918: configured listlimitmax not honnoured Bug 1941: Disconnecting a port...

The Uploader 2.0.4 Remote File disclosure Vulnerability

Exploit for php platform in category web applications ======================================================= The Uploader 2.0.4 Remote File disclosure Vulnerability ======================================================= Script Name : The Uploader Version: 2.0.4 Language : php Author : Xa7m3d...

MOPS-2010-004: ClanSphere Captcha Generator Blind SQL Injection Vulnerability

MOPS-2010-004: ClanSphere Captcha Generator Blind SQL Injection Vulnerability May 3rd, 2010 A SQL Injection vulnerability was discovered in the Captcha generator of ClanSphere that allows retrieving all the data from the database. Affected versions Affected is ClanSphere = 2009.0.3 Credits The...

MOPS-2010-011: DeluxeBB newthread SQL Injection Vulnerability

MOPS-2010-011: DeluxeBB newthread SQL Injection Vulnerability May 6th, 2010 A SQL injection vulnerability was discovered in DeluxeBB that allows retrieving all the data from the database by adding new threads to the forum. Affected versions Affected is DeluxeBB = 1.3 Credits The vulnerability was...

MOPS-2010-018: EFront ask_chat chatrooms_ID SQL Injection Vulnerability

MOPS-2010-018: EFront askchat chatroomsID SQL Injection Vulnerability May 9th, 2010 A preauth SQL injection vulnerability was discovered in the chat feature of EFront that allows retrieving all data from the database by simple URL manipulation. Affected versions Affected is EFront = 3.6.2 Credits...

MOPS-2010-002: Campsite TinyMCE Article Attachment SQL Injection Vulnerability

MOPS-2010-002: Campsite TinyMCE Article Attachment SQL Injection Vulnerability May 1st, 2010 A SQL Injection vulnerability was discovered in the TinyMCE custom article attachment plugin within Campsite that allows retrieving all data from the database. Affected versions Affected is Campsite = 3.3...

Month of PHP Security - Summary - 1st May - 10th May

Hi everyone, 10 days ago the Month of PHP Security 2010 has started at http://www.php-security.org/ and meanwhile 20 vulnerabilities were posted and also 4 user submitted articles were published. Here is a short summary of what was released so far. You can follow the Month of PHP Security on...

ClanTiger Shoutbox Module s_email SQL Injection vulnerability

MOPS-2010-007: ClanTiger Shoutbox Module semail SQL Injection vulnerability May 4th, 2010 A SQL injection vulnerability was discovered in the shoutbox module of ClanTiger that allows retrieving all the data from the database. Affected versions Affected is ClanTiger = 1.1.3 Credits The vulnerabili...

PHP &quot;addcslashes()&quot; Information Disclosure Vulnerability

No description provided by source. Stefan Esser has reported a vulnerability in PHP, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to the implementation of "addcslashes" function not being properly protected against...

PHP 5.3.x < 5.3.3 Integer Overflow Vulnerability

PHP is prone to a remote integer overflow vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

PHP < 4.4.5 Multiple Vulnerabilities

PHP is prone to multiple vulnerabilities in the Ovrimos extension. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php";...