PHP 7.3.x < 7.3.6 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.30, 7.2.x prior to 7.2.19 or 7.3.x prior to 7.3.6. It is, therefore, affected by the following vulnerabilities: - An uninitialized read vulnerability exists in gdImageCreateFromXbm due to sscanf...

S-CMS Enterprise Website Builder System has Arbitrary File Download Vulnerability

S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. S-CMS enterprise website building system PHP version v3.0 version of the existence of arbitrary file download vulnerability, logging...

Fedora 29 : php (2019-8c4b25b5ec)

"PHP version 7.2.19 30 May 2019 EXIF: - Fixed bug php77988 heap-buffer-overflow on phpjpgget16. CVE-2019-11040 Stas FPM: - Fixed bug php77934 php-fpm kill -USR2 not working. Jakub Zelenka - Fixed bug php77921 static.php.net doesn't work anymore. Peter Kokot GD: - Fixed bug php77943...

Fedora 30 : php (2019-be4f895015)

"PHP version 7.3.6 30 May 2019 cURL: - Implemented FR php72189 Add missing CURLVERSION constants. Javier Spagnoletti EXIF: - Fixed bug php77988 heap-buffer-overflow on phpjpgget16. CVE-2019-11040 Stas FPM: - Fixed bug php77934 php-fpm kill -USR2 not working. Jakub Zelenka - Fixed bug php77921...

PHP 7.1.x < 7.1.30 Multiple Vulnerabilities.

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.30. It is, therefore, affected by the following vulnerabilities: - An uninitialized vulnerability exists in gdImageCreateFromXbm due to sscanf method not being able to read a hex value. An attacker...

PHP 7.1.x < 7.1.29 Heap-based Buffer Overflow Vulnerability

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.29, 7.2.x prior to 7.2.18 or 7.3.x prior to 7.3.5. It is, therefore, affected by a heap-based buffer over-read condition within estrndup of the exifprocessIFDTAG in the exif.c script. An...

Versionscan - A PHP Version Scanner For Reporting Possible Vulnerabilities

Versionscan is a tool for evaluating your currently installed PHP version and checking it against known CVEs and the versions they were fixed in to report back potential issues. PLEASE NOTE: Work is still in progress to adapt the tool to linux distributions that backport security fixes. As of rig...

eLabFTW 1.8.5 Arbitrary File Upload / Remote Code Execution

!/usr/bin/env python Exploit Title : eLabFTW 1.8.5 'EntityController' Arbitrary File Upload / RCE Date : 5/18/19 Exploit Author : liquidsky JMcPeters Vulnerable Software : eLabFTW 1.8.5 Vendor Homepage : https://www.elabftw.net/ Version : 1.8.5 Software Link : https://github.com/elabftw/elabftw...

eLabFTW 1.8.5 - Arbitrary File Upload Remote Code Execution

eLabFTW 1.8.5 - Arbitrary File Upload Remote Code Execution !/usr/bin/env python Exploit Title : eLabFTW 1.8.5 'EntityController' Arbitrary File Upload / RCE Date : 5/18/19 Exploit Author : liquidsky JMcPeters Vulnerable Software : eLabFTW 1.8.5 Vendor Homepage : https://www.elabftw.net/ Version ...

eLabFTW 1.8.5 - Arbitrary File Upload / Remote Code Execution

Exploit Title : eLabFTW 1.8.5 'EntityController' Arbitrary File Upload / RCE Date : 5/18/19 Exploit Author : liquidsky JMcPeters Vulnerable Software : eLabFTW 1.8.5 Vendor Homepage : https://www.elabftw.net/ Version : 1.8.5 Software Link : https://github.com/elabftw/elabftw Tested On : Linux / PH...

Fedora 29 : php (2019-6e325234a4)

PHP version 7.2.18 02 May 2019 CLI: - Fixed bug php77794 Incorrect Date header format in built-in server. kelunik EXIF - Fixed bug php77950 Heap-buffer-overflow in estrndup via exifprocessIFDTAG. CVE-2019-11036 Stas Interbase: - Fixed bug php72175 Impossibility of creating multiple connections to...

Fedora 28 : php (2019-bab3944fee)

PHP version 7.2.18 02 May 2019 CLI: - Fixed bug php77794 Incorrect Date header format in built-in server. kelunik EXIF - Fixed bug php77950 Heap-buffer-overflow in estrndup via exifprocessIFDTAG. CVE-2019-11036 Stas Interbase: - Fixed bug php72175 Impossibility of creating multiple connections to...

PHP 7.1.x < 7.1.29 Heap-based Buffer Overflow Vulnerability.

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.29. It is, therefore, affected by a heap-based buffer over-read condition within estrndup of the exifprocessIFDTAG in the exif.c script. An unauthenticated, remote attacker can exploit this, to caus...

Fedora 30 : php (2019-1d78e14cfd)

PHP version 7.3.4 04 April 2019 Core: - Fixed bug php77738 Nullptr deref in zendcompileexpr. Laruence - Fixed bug php77660 Segmentation fault on break 2147483648. Laruence - Fixed bug php77652 Anonymous classes can lose their interface information. Nikita - Fixed bug php77345 Stack Overflow cause...

Fedora 30 : php (2019-3f4ba94260)

PHP version 7.3.3 07 Mar 2019 Core: - Fixed bug php77589 Core dump using parseinistring with numeric sections. Laruence - Fixed bug php77329 Buffer Overflow via overly long Error Messages. Dmitry - Fixed bug php77494 Disabling class causes segfault on member access. Dmitry - Fixed bug php77498...

Fedora 29 : php (2019-da36d5d484)

PHP version 7.2.17 04 Apr 2019 Core: - Fixed bug php77738 Nullptr deref in zendcompileexpr. Laruence - Fixed bug php77660 Segmentation fault on break 2147483648. Laruence - Fixed bug php77652 Anonymous classes can lose their interface information. Nikita - Fixed bug php77676 Unable to run tests...

PHP 7.2.x < 7.2.17 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.28, 7.2.x prior to 7.2.17 or 7.3.x prior to 7.3.4. It is, therefore, affected by multiple vulnerabilities: - A heap-based buffer over-read condition exists in phpifdget32s in exif.c. - A heap-based...

Internet Bug Bounty: Uninitialized read in exif_process_IFD_in_MAKERNOTE

This bug is present in exifprocessIFDinMAKERNOTE method of ext/exif/exif.c file. Detailed description and steps to reproduce for this bug is present in bug report submitted to php.net. Bug Report : https://bugs.php.net/bug.php?id=77563 PHP version : 7.1.26 CVE-ID : 2019-9638 Impact Uninitialized...

WordPress article2pdf 0.24 DoS / File Deletion / Disclosure Vulnerabilities

WordPress article2pdf plugin versions 0.24 and above suffer from resource exhaustion, arbitrary file download, and file deletion vulnerabilities. Product: article2pdf Wordpress plug-in Product Website: https://wordpress.org/plugins/article2pdf/ Affected Versions: 0.24 and greater The following...

Multiple Reflective XSS Vulnerabilities in S-CMS School Building System PHP Version

S-CMS is a content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in S-CMS PHP version 1.0, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...