61 matches found

Prion
added 2019/05/13 2:29 p.m., 13 views

Design/Logic Flaw

In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices. In the SetWiFiVerifyAlpha.php source code, the WPSPIN parameter is saved in the $rphyinf1."/media/wps/enrollee/pin" and $rphyinf2."/media/wps/enrollee/pi...

10 CVSS, 9.4 AI score, 0.54881 EPSS
Exploits: 3, References: 1, Affected Software: 1

Cvelist
added 2018/12/26 3:0 a.m., 17 views

CVE-2018-20478

An issue was discovered in S-CMS 1.0. It allows reading certain files, such as PHP source code, via the admin/download.php DownName parameter with a mixed-case extension, as demonstrated by a DownName=download.Php value...

7.6 AI score, 0.00316 EPSS
Exploits: 1, References: 1

myhack58
added 2017/03/15 12:0 a.m., 144 views

CVE-2016-3078 PHP ZipArchive Integer Overflow analysis - vulnerability warning - the black bar safety net

The affected range is PHP 7.x versions before PHP 7.0.6. The PHP source code can be obtained here. PHP source code architecture: the core library of the PHP source code is in the Zend directory, which is responsible for PHP script parsing, execution and other core functions. TSRM directory is on yo...

7.5 CVSS, 9.5 AI score, 0.48113 EPSS
Exploits: 5

Hacker One
added 2016/11/08 1:57 p.m., 20 views

Internet Bug Bounty: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow

bug report at: https://bugs.php.net/bug.php?id=73331 fix commit at: https://github.com/php/php-src/commit/6045de69c7dedcba3eadf7c4bba424b19c81d00d...

6.9 AI score
Exploits: 0

Exploit DB
added 2016/10/24 12:0 a.m., 28 views

EC-CUBE 2.12.6 - Server-Side Request Forgery

Exploit Title: EC-CUBE 2.12.6 Server-Side Request Forgery Date: 22/10/16 Exploit Author: Wad Deek Vendor Homepage: http://en.ec-cube.net/ Software Link: http://en.ec-cube.net/download/ Version: 2.12.6en-p1 Tested on: Xampp on Windows7 Fuzzing tool:...

7.4 AI score
Exploits: 0

Exploit DB
added 2016/10/12 12:0 a.m., 22 views

OpenCimetiere 3.0.0-a5 - Blind SQL Injection

Exploit Title: OpenCimetiere v3.0.0-a5 | Blind SQL Injection Date: 06/08/16 Exploit Author: Wad Deek Vendor Homepage: http://www.openmairie.org/ Software Link: http://www.openmairie.org/catalogue/opencimetiere/ Version: 3.0.0-a5 +3.0.0-a5 /opencimetiere/HISTORY.txt Tested on: Xampp with PostgreSQ...

7.4 AI score
Exploits: 0

exploitpack
added 2016/10/12 12:0 a.m., 10 views

Categorizator 0.3.1 - SQL Injection

Categorizator 0.3.1 - SQL Injection Exploit Title: Categorizator 0.3.1 | SQL Injection Date: 03/09/16 Exploit Author: Wad Deek Vendor Homepage: http://lelogiciellibre.net/telecharger/annuaire-web.php Software Link: ftp://ftp2.lelogiciellibre.net/lelogiciellibre/annu/categorizator031.zip Version:...

0.2 AI score
Exploits: 0

0day.today
added 2016/10/12 12:0 a.m., 15 views

OpenCimetiere v3.0.0-a5 - Blind SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: OpenCimetiere v3.0.0-a5 | Blind SQL Injection Date: 06/08/16 Exploit Author: Wad Deek Vendor Homepage: http://www.openmairie.org/ Software Link: http://www.openmairie.org/catalogue/opencimetiere/ Version: 3.0.0-a5 +3.0.0-a5...

7.1 AI score
Exploits: 0

Hacker One
added 2016/09/17 11:22 p.m., 24 views

Internet Bug Bounty: SEH buffer overflow msgfmt_format_message

Upstream bug: https://bugs.php.net/bug.php?id=73007 Fixed in PHP 7.0.11 and PHP 5.6.26: http://php.net/ChangeLog-5.php#5.6.26 http://php.net/ChangeLog-7.php#7.0.11 Patch: http://git.php.net/?p=php-src.git;a=commit;h=20fa323d53257a776bd7551ce7bdb2261cfe5420...

6.9 AI score
Exploits: 0

0day.today
added 2016/06/06 12:0 a.m., 22 views

WordPress Simple Backup 2.7.11 Plugin - Multiple Vulnerabilities

Exploit for php platform in category web applications Meta information Exploit Title: Wordpress plugin simple-backup - Multiple vulnerabilities Date: 2016-06-02 Exploit Author: PizzaHatHacker A gmail . com Vendor Homepage: DEAD LINK https://wordpress.org/plugins/simple-backup/ Software Link: DEAD...

7.1 AI score
Exploits: 0

NVD
added 2016/05/14 3:59 p.m., 20 views

CVE-2016-1208

The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors...

7.5 CVSS, 7 AI score, 0.00364 EPSS
Exploits: 0, References: 3

Prion
added 2016/05/14 3:59 p.m., 11 views

Code injection

The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors...

5 CVSS, 6.8 AI score, 0.00364 EPSS
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2016/05/14 3:0 p.m., 16 views

CVE-2016-1208

The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors...

7 AI score, 0.00364 EPSS
Exploits: 0, References: 3

Hacker One
added 2016/01/28 2:54 p.m., 16 views

Internet Bug Bounty: Integer overflow in wordwrap

https://github.com/php/php-src/pull/1738#issuecomment-174260748...

6.9 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 17 views

Merak Mail Server 7.4.5 calendar.html schedule Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerabili...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 9 views

Merak Mail Server 7.4.5 address.html Path Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerabili...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 15 views

Merak Mail Server 7.4.5 attachment.html attachmentpage_text_error Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerabili...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 14 views

Merak Mail Server 7.4.5 settings.html Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerabili...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 7 views

Merak Mail Server 7.4.5 address.html Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerabili...

7.1 AI score
Exploits: 0

seebug.org
added 2013/04/24 12:0 a.m., 16 views

CSDJCMS Get-Shell Vulnerability and PHP Source Code Analysis Process

Brief description: CSDJCMS vulnerability, obtaining a shell through the admin backend. Detailed description: includeonce"include/install.php"; ifSIsInstall==0 header"Location:install/install.php"; includeonce"include/label.php"; ifSWebmode==1 or !fileexists"index.html" //cache area $cacheid ='index'; if!$cacheopt-start$cacheid echo GetTemp"index.html",0; $cacheopt-end; else...

7.1 AI score
Exploits: 0