
737 matches found

Hacker One
added 2019/03/15 8:45 a.m., 42 views

Internet Bug Bounty: Invalid Read on exif_process_SOFn

This bug is present in exif_scan_thumbnail method of ext/exif/exif.c file. Detailed description and steps to reproduce for this bug is present in bug report submitted to php.net. Bug Report : https://bugs.php.net/bug.php?id=77540 PHP version : 7.1.26 CVE-ID : 2019-9640 Impact This bug may allow an...

CVSS 5 | AI score 8.4 | EPSS 0.06183
Exploits: 1
Tenable Nessus
added 2019/03/15 12:0 a.m., 13 views

Fedora 28 : php (2019-efa799fd16)

PHP version 7.2.16 07 Mar 2019 Core: - Fixed bug php77589 Core dump using parse_ini_string with numeric sections. Laruence - Fixed bug php77630 rename across the device may allow unwanted access during processing. Stas EXIF: - Fixed bug php77509 Uninitialized read in exif_process_IFD_in_TIFF. Stas -...

AI score 5.5
Exploits: 0 | References: 1
Tenable Nessus
added 2019/03/13 12:0 a.m., 69 views

PHP 7.3.x < 7.3.1 Multiple vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.40, 7.1.x prior to 7.1.26, 7.2.x prior to 7.2.14 or 7.3.x prior to 7.3.1. It is, therefore, affected by multiple vulnerabilities: - An integer underflow condition exists in gdContributionsAlloc...

CVSS 9.8 | AI score 9.3 | EPSS 0.65116
Exploits: 13 | References: 9
FreeBSD
added 2019/03/12 12:0 a.m., 17 views

wordpress -- multiple issues

wordpress developers reports: Hosts can now offer a button for their users to update PHP. The recommended PHP version used by the Update PHP notice can now be filtered...

AI score 1.9
Exploits: 0 | References: 1
Tenable Nessus
added 2019/03/01 12:0 a.m., 100 views

PHP 7.1.x < 7.1.9 Heap-based Buffer Overflow Vulnerability

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.9. It is, therefore, affected by a heap-based buffer overflow condition exists in the ext/standard/var_unserializer.re script due to improper use of the hash API for key deletion. An unauthenticated,...

CVSS 9.8 | AI score 8.7 | EPSS 0.0742
Exploits: 0 | References: 2
Tenable Nessus
added 2019/03/01 12:0 a.m., 47 views

PHP 7.1.x < 7.1.8 Denial of Service Vulnerability

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.8. It is, therefore, affected by a denial of service (DoS) vulnerability exists in the ext/wddx/wddx.c script due to the use of an invalid free for an empty boolean element. An unauthenticated, remote...

CVSS 7.5 | AI score 7.3 | EPSS 0.06846
Exploits: 0 | References: 2
Tenable Nessus
added 2019/03/01 12:0 a.m., 364 views

PHP 7.0.x < 7.0.0 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.x prior to 7.0.0. It is, therefore, affected by the following vulnerabilities: - A directory traversal vulnerability in the ZipArchive::extractTo function of ext/zip/php_zip.c script. An unauthenticated, remote...

CVSS 7.5 | AI score 7 | EPSS 0.08276
Exploits: 3 | References: 5
OpenVAS
added 2019/02/26 12:0 a.m., 116 views

PHP Memory Disclosure Vulnerability - Windows

dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parserr in ext/standard/dns.c for DNS_CAA and DNS_ANY queries. SPDX-FileCopyrightText: 2019 Greenbone A...

CVSS 7.5 | AI score 8.5 | EPSS 0.04109
Exploits: 1 | References: 1
Debian CVE
added 2019/02/22 11:0 p.m., 43 views

CVE-2019-9024

Removed by vendor...

CVSS 7.5 | AI score 8.7 | EPSS 0.0693
Exploits: 1
Hacker One
added 2019/02/08 5:31 a.m., 14 views

U.S. Dept Of Defense: [https://███] Local File Inclusion via graph.php

Summary: There exists a Local File Inclusion vulnerability on https://████ due to a known vulnerability in the ZendTo library. This was fixed in Version 5.16-6 Beta, although ██████ is still running ZendTo 5.11. Impact This allows path traversal in a file name that is then returned to the user...

AI score 0.3
Exploits: 0
Tenable Nessus
added 2019/01/31 12:0 a.m., 18 views

PHP 7.2.x < 7.2.8 Use After Free Arbitrary Code Execution in EXIF

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.31 or 7.2.x prior to 7.2.8. It is, therefore, affected by a use after free arbitrary code execution vulnerability. Note that the scanner has not tested for these issues but has instead relied only ...

CVSS 9.8 | AI score 10 | EPSS 0.06618
Exploits: 0 | References: 2
Tenable Nessus
added 2019/01/31 12:0 a.m., 93 views

PHP 7.0.x < 7.0.33 Multiple vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.39, 7.0.x prior to 7.0.33, 7.1.x prior to 7.1.25, 7.2.x prior to 7.2.13 or 7.3.x prior to 7.3.0. It is, therefore, affected by multiple vulnerabilities: - An arbitrary command injection vulnerabilit...

CVSS 8.5 | AI score 8 | EPSS 0.9523
Exploits: 8 | References: 4
Tenable Nessus
added 2019/01/31 12:0 a.m., 55 views

PHP 5.6.x < 5.6.39 Multiple vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.39, 7.0.x prior to 7.0.33, 7.1.x prior to 7.1.25, 7.2.x prior to 7.2.13 or 7.3.x prior to 7.3.0. It is, therefore, affected by multiple vulnerabilities: - An arbitrary command injection vulnerabilit...

CVSS 8.5 | AI score 8 | EPSS 0.9523
Exploits: 8 | References: 4
Tenable Nessus
added 2019/01/24 12:0 a.m., 342 views

PHP 7.2.x < 7.2.14 Multiple vulnerabilities.

According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.14. It is, therefore, affected by multiple vulnerabilities: - An integer underflow condition exists in gdContributionsAlloc function in gd_interpolation.c. An unauthenticated, remote attacker can hav...

CVSS 9.8 | AI score 7.5 | EPSS 0.65116
Exploits: 12 | References: 9
Tenable Nessus
added 2019/01/22 12:0 a.m., 15 views

Fedora 29 : php (2019-aa6036fcb3)

PHP version 7.2.14 10 Jan 2019 Core: - Fixed bug php77369 memcpy with negative length via crafted DNS response. Stas - Fixed bug php71041 zend_signal_startup needs ZEND_API. Valentin V. Bartenev - Fixed bug php76046 PHP generates 'FE_FREE' opcode on the wrong line. Nikita Date: - Fixed bug php77097...

AI score 5.8
Exploits: 0 | References: 1
CNVD
added 2019/01/17 12:0 a.m., 1 views

SQL injection vulnerability in the background cm***.php file of Vanno enterprise website management system (PHP version) (CNVD-2019-05487)

Vanno enterprise website management system PHP version is a php+MySQL development of php enterprise website management system. VANOC enterprise website management system PHP version background cm.php file SQL injection vulnerability, attackers can use the vulnerability to obtain database sensitiv...

AI score 7.8
Exploits: 0
Tenable Nessus
added 2019/01/09 12:0 a.m., 53 views

PHP 7.x < 7.0.2 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote host is 7.x prior to 7.0.2. It is, therefore, affected by multiple vulnerabilities : - An out-of-bounds read error exists in the gdImageRotateInterpolated function in file gd_interpolation.c when handling background colors. A remote...

CVSS 9.1 | AI score 9.3 | EPSS 0.07806
Exploits: 2 | References: 3
Tenable Nessus
added 2019/01/09 12:0 a.m., 15 views

PHP 5.6.x < 5.6.14 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.14. It is, therefore, affected by multiple vulnerabilities : - A NULL pointer dereference flaw exists in the phar_get_fp_offset function in ext/phar/util.c that is triggered when pointing to a...

CVSS 6.8 | AI score 7.2 | EPSS 0.10288
Exploits: 0 | References: 3
Tenable Nessus
added 2019/01/09 12:0 a.m., 14 views

PHP 5.6.x < 5.6.1 add_post_var() Code Execution

According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.1. It is, therefore, affected by errors related to the function 'add_post_var' within file 'posthandler.c', the input filters, and the 'efree' function. Input filters that free the 'ksep' variable can als...

CVSS 9.8 | AI score 8 | EPSS 0.03121
Exploits: 1 | References: 2
Tenable Nessus
added 2019/01/09 12:0 a.m., 54 views

PHP 5.6.x < 5.6.32 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.32. It is, therefore, affected by multiple vulnerabilities. Note that the scanner has not attempted to exploit this issue but has instead relied only on the application's self-reported version numbe...

CVSS 9.8 | AI score 9 | EPSS 0.26373
Exploits: 3 | References: 3