737 matches found

NVD
added 2020/05/20 8:15 a.m. · 34 views

CVE-2019-11048

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleanin...

CVSS 5.3 · AI score 6.3 · EPSS 0.06264
Exploits: 1 · References: 13

Positive Technologies
added 2020/04/27 12:00 a.m. · 7 views

PT-2020-5865 · Php +9

Name of the Vulnerable Software and Affected Versions: PHP versions 7.2.x below 7.2.34, PHP versions 7.3.x below 7.3.23, PHP versions 7.4.x below 7.4.11. Description: The issue is related to the openssl_encrypt function in PHP when used with AES-CCM mode and a 12-byte initialization vector (IV). Only...

CVSS 9.8 · AI score 6.7 · EPSS 0.9947
Exploits: 168 · References: 368

Tenable Nessus
added 2020/04/27 12:00 a.m. · 15 views

Fedora 30 : php (2020-96cb012029)

PHP version 7.3.17 16 Apr 2020 Core: - Fixed bug php79364 When copy empty array, next key is unspecified. cmb - Fixed bug php78210 Invalid pointer address. cmb, Nikita CURL: - Fixed bug php79199 curl_copy_handle memory leak. cmb Date: - Fixed bug php79396 DateTime hour incorrect during DST jump...

AI score 5.5
Exploits: 0 · References: 1

Tenable Nessus
added 2020/04/23 12:00 a.m. · 127 views

PHP 7.3.x < 7.3.17 Out of Bounds Read Vulnerability

According to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.17. It is, therefore, affected by an out-of-bounds read error in its url decoding component due to insufficient validation of user-supplied input. An unauthenticated, remote attacker can exploit thi...

CVSS 7.5 · AI score 6.9 · EPSS 0.04311
Exploits: 1 · References: 2

ATTACKERKB
added 2020/04/14 12:00 a.m. · 355 views

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes. Recent assessments: Assessed...

CVSS 7.5 · AI score 4.9 · EPSS 0.04311
In wild · Exploits: 1 · References: 9

RedhatCVE
added 2020/04/03 1:01 p.m. · 43 views

CVE-2020-7064

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash...

CVSS 6.5 · AI score 3.3 · EPSS 0.04295
Exploits: 1 · References: 4

RedhatCVE
added 2020/04/01 8:07 a.m. · 29 views

CVE-2019-9022

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects phpparser...

CVSS 7.5 · AI score 3.2 · EPSS 0.04109
Exploits: 1 · References: 2

OSV
added 2020/04/01 4:15 a.m. · 1 views

UBUNTU-CVE-2020-7066

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the getheade...

CVSS 5.3 · AI score 6.7 · EPSS 0.02767
Exploits: 1 · References: 5

Tenable Nessus
added 2020/03/27 12:00 a.m. · 51 views

Fedora 30 : php (2020-ce5a2a7403)

PHP version 7.3.16 19 Mar 2020 Core: - Fixed bug php63206 restore_error_handler does not restore previous errors mask. Mark Plomer DOM: - Fixed bug php77569: Write Access Violation in DomImplementation. Nikita, cmb - Fixed bug php79271 DOMDocumentType::$childNodes is NULL. cmb Enchant: - Fixed bug...

CVSS 8.8 · AI score 7 · EPSS 0.04743
Exploits: 3 · References: 4

Tenable Nessus
added 2020/03/26 12:00 a.m. · 64 views

Fedora 31 : php (2020-0bf228857a)

PHP version 7.3.16 19 Mar 2020 Core: - Fixed bug php63206 restore_error_handler does not restore previous errors mask. Mark Plomer DOM: - Fixed bug php77569: Write Access Violation in DomImplementation. Nikita, cmb - Fixed bug php79271 DOMDocumentType::$childNodes is NULL. cmb Enchant: - Fixed bug...

CVSS 8.8 · AI score 7 · EPSS 0.04743
Exploits: 3 · References: 4

exploitpack
added 2020/03/16 12:00 a.m. · 120 views

PHPKB Multi-Language 9 - Authenticated Remote Code Execution

PHPKB Multi-Language 9 - Authenticated Remote Code Execution Exploit Title: PHPKB Multi-Language 9 - Authenticated Remote Code Execution Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link:...

CVSS 6.5 · AI score 0.2 · EPSS 0.04884
Exploits: 5

CNVD
added 2020/03/13 12:00 a.m. · 1 views

SQL injection vulnerability in the backend of the XYCMS message board (PHP version)

The XYCMS message board (PHP version) is PHP message board source code developed with PHP + MySQL. It is an ordinary message board that can be widely used on corporate websites and other websites that need a message board. In the backend of the XYCMS message board PHP version there ar...

AI score 8
Exploits: 0

Amazon
added 2020/03/09 12:00 a.m. · 117 views

Medium: php72

Issue Overview: In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash...

CVSS 9.1 · AI score 7.7 · EPSS 0.03869
Exploits: 3

Tenable Nessus
added 2020/02/28 12:00 a.m. · 154 views

PHP 7.2.x < 7.2.28 / PHP 7.3.x < 7.3.15 / 7.4.x < 7.4.3 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is either 7.2.x prior to 7.2.28, 7.3.x prior to 7.3.15, or 7.4.x prior to 7.4.3. It is, therefore, affected by multiple vulnerabilities: - A heap-based buffer overflow condition exists in phar_extract_file function due to...

CVSS 9.1 · AI score 7.9 · EPSS 0.03869
Exploits: 3 · References: 6

Tenable Nessus
added 2020/02/28 12:00 a.m. · 46 views

Fedora 30 : php (2020-4ea970ebc6)

PHP version 7.3.15 20 Feb 2020 Core: - Fixed bug php71876 Memory corruption htmlspecialchars: charset ' not supported. Nikita - Fixed bug php79146 cscript can fail to run on some systems. clarodeus - Fixed bug php78323 Code 0 is returned on invalid options. Ivan Mikheykin - Fixed bug php76047...

CVSS 9.1 · AI score 7.2 · EPSS 0.03869
Exploits: 3 · References: 4

Hacker One
added 2020/02/25 6:52 p.m. · 22 views

U.S. Dept Of Defense: phpinfo() disclosure info

Hi security team, I found subdomains available file phpinfo PoC:- https://█████████/phpinfo.php Impact An attacker can obtain information such as: • Exact PHP version. • Exact OS and its version. • Details of the PHP configuration. • Internal IP addresses. • Server environment variables. • Loaded PHP...

AI score 0.5
Exploits: 0

OSV
added 2020/02/24 11:00 a.m. · 17 views

SUSE-SU-2020:14289-1 Security update for php53

This update for php53 fixes the following issues: Security issues fixed: - CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629). - CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes (bsc#1159923). - CVE-2019-11046: Fix...

CVSS 9.1 · AI score 7.2 · EPSS 0.08818
Exploits: 4 · References: 13

Amazon
added 2020/02/24 12:00 a.m. · 69 views

Medium: php72

Issue Overview: When using fgetss function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash...

CVSS 9.1 · AI score 7.5 · EPSS 0.08888
Exploits: 2

ATTACKERKB
added 2020/02/17 12:00 a.m. · 324 views

CVE-2020-7064

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash. Recent...

CVSS 6.5 · AI score 4.4 · EPSS 0.04295
In wild · Exploits: 1 · References: 14

Positive Technologies
added 2020/02/17 12:00 a.m. · 12 views

PT-2020-5321 · Php +7

Name of the Vulnerable Software and Affected Versions: PHP versions 7.2.x through 7.2.27, PHP versions 7.3.x through 7.3.14, PHP versions 7.4.x through 7.4.2. Description: The issue is related to the incorrect preservation of permissions when creating PHAR archives using the...

CVSS 10 · AI score 6.6 · EPSS 0.99998
Exploits: 285 · References: 487