737 matches found

Tenable Nessus
added 2019/01/09 12:0 a.m., 31 views

PHP 7.0.x < 7.0.1 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.1. It is, therefore, affected by multiple vulnerabilities: - A use-after-free error exists in the collator_sort_with_sort_keys function due to improper clearing of pointers when destroying an array. An...

CVSS 10, AI score 10, EPSS 0.23871
Exploits 3, References 5

Tenable Nessus
added 2019/01/09 12:0 a.m., 17 views

PHP 7.2.x < 7.2.10 Transfer-Encoding Parameter XSS Vulnerability

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.38, 7.0.x prior to 7.0.32, 7.1.x prior to 7.1.22 or 7.2.x prior to 7.2.10. It is, therefore, affected by a cross-site scripting vulnerability. An attacker could leverage this vulnerability to inject...

CVSS 6.1, AI score 6.5, EPSS 0.04103
Exploits 1, References 2

Tenable Nessus
added 2019/01/09 12:0 a.m., 62 views

PHP 5.6.x < 5.6.30 Multiple DoS

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.30. It is, therefore, affected by the following vulnerabilities: - A floating pointer exception flaw exists in the exif_convert_any_to_int function in exif.c that is triggered when handling TIFF and JP...

CVSS 9.8, AI score 8.4, EPSS 0.13314
Exploits 1, References 8

Tenable Nessus
added 2019/01/09 12:0 a.m., 28 views

PHP 5.6.x < 5.6.36 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.36. It is, therefore, affected by multiple vulnerabilities. Note that the scanner has not attempted to exploit this issue but has instead relied only on the application's self-reported version numbe...

CVSS 8.8, AI score 7.3, EPSS 0.10564
Exploits 0, References 5

Tenable Nessus
added 2019/01/09 12:0 a.m., 50 views

PHP 7.0.x < 7.0.19 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.19. It is, therefore, affected by the following vulnerabilities: - A memory allocation issue exists in the zend_string_extend function in file Zend/zend_string.h when concatenating strings due to a...

CVSS 9.8, AI score 8.5, EPSS 0.07191
Exploits 2, References 3

Tenable Nessus
added 2019/01/09 12:0 a.m., 59 views

PHP 5.6.x < 5.6.23 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.23. It is, therefore, affected by multiple vulnerabilities: - An invalid free flaw exists in the phar_extract_file function within file ext/phar/phar_object.c that allows an unauthenticated, remote...

CVSS 9.8, AI score 9.7, EPSS 0.15083
Exploits 11, References 10

Tenable Nessus
added 2019/01/09 12:0 a.m., 330 views

PHP 5.6.x < 5.6.26 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.26. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in ext/standard/var_unserializer.re when destroying deserialized objects due to improper validation of user-supplied input...

CVSS 9.8, AI score 9.1, EPSS 0.11402
Exploits 7, References 8

Tenable Nessus
added 2019/01/09 12:0 a.m., 52 views

PHP 7.0.x < 7.0.3 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.3. It is, therefore, affected by multiple vulnerabilities: - The Perl-Compatible Regular Expressions (PCRE) library is affected by multiple vulnerabilities related to the handling of regular...

CVSS 10, AI score 9.3, EPSS 0.10997
Exploits 3, References 11

Hacker One
added 2019/01/07 8:54 a.m., 70 views

Internet Bug Bounty: heap buffer overflow in phar_detect_phar_fname_ext

The original report is here https://bugs.php.net/bug.php?id=77247 txt USEZENDALLOC=0 ./php-src-PHP-7.2.13/sapi/cli/php -r "vardumpnew Pharfilegetcontents'poc.phar',0,'test.phar';" txt ================================================================= ==44888==ERROR: AddressSanitizer:...

CVSS 7.5, AI score 8.9, EPSS 0.09793
Exploits 1

Tenable Nessus
added 2019/01/03 12:0 a.m., 24 views

Fedora 28 : php (2018-b13b720a3d)

PHP version 7.2.4 29 Mar 2018 Core: - Fixed bug php76025 Segfault while throwing exception in errorhandler. Dmitry, Laruence - Fixed bug php76044 'date: illegal option -- -' in ./configure on FreeBSD. Anatol FPM: - Fixed bug php75605 Dumpable FPM child processes allow bypassing opcache access...

AI score 5.5
Exploits 0, References 1

Tenable Nessus
added 2019/01/03 12:0 a.m., 47 views

Fedora 28 : php (2018-b6072889db)

PHP version 7.2.10 13 Sep 2018 Core: - Fixed bug php76754 parent private constant in extends class memory leak. Laruence - Fixed bug php72443 Generate enabled extension. petk - Fixed bug php75797 Memory leak when using classalias in non-debug mode. Massimiliano Braglia Apache2: - Fixed bug php765...

CVSS 6.1, AI score 6.8, EPSS 0.04103
Exploits 1, References 2

Packet Storm
added 2018/12/04 12:0 a.m., 62 views

WordPress HpHospital 1.0 Database Disclosure

Exploit Title : WordPress HpHospital Plugins 1.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Vendor Homepage : wordpress.org Tested On : Windows and Linux Category : WebApps Exploit Risk : Medium Version Information : 1.0...

AI score 7.4
Exploits 0

CNVD
added 2018/11/26 12:0 a.m., 0 views

JTBC (PHP) Cross-Site Request Forgery Vulnerability (CNVD-2018-26794)

JTBC (PHP) is an open source CMS (content management system). A cross-site request forgery vulnerability exists in JTBC (PHP) version 3.0.1.7. A remote attacker can exploit this vulnerability to perform unauthorized operations with the help of console/xml/manage.php?type=action&action=edit URI...

CVSS 8.8, AI score 8.9, EPSS 0.00544
Exploits 1, References 1

CNVD
added 2018/11/21 12:0 a.m., 0 views

SQL Injection Vulnerability in VANOC Enterprise Website Management System (PHP Version) cm***.php File

Vanno enterprise website management system (PHP version) is an enterprise website management system developed with PHP and MySQL. A SQL injection vulnerability exists in the cm.php file of the VANOC enterprise website management system PHP version. An attacker can exploit the vulnerability to obtain...

AI score 7.8
Exploits 0

OSV
added 2018/11/17 5:29 p.m., 2 views

CVE-2018-19340

Guriddo Form PHP 5.3 has XSS via the demos/jqform/defaultnodb/default.php OrderID, ShipName, ShipAddress, ShipCity, ShipPostalCode, ShipCountry, Freight, or details parameter...

CVSS 6.1, AI score 5.8, EPSS 0.00707
Exploits 1, References 1

OSV
added 2018/10/30 6:29 a.m., 1 views

CVE-2018-18840

XSS was discovered in SEMCMS PHP V3.4 via the SEMCMSSeoAndTag.php?Class=edit&CF=SeoAndTag tagindexmetatit parameter...

CVSS 5.4, AI score 5.8, EPSS 0.00556
Exploits 1, References 1

OpenVAS
added 2018/08/06 12:0 a.m., 51 views

PHP 7.1.5 Out of Bounds Access Vulnerability - Linux

PHP is prone to an out of bounds access vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

CVSS 7.5, AI score 7.5, EPSS 0.02954
Exploits 1, References 1

Tenable Nessus
added 2018/07/30 12:0 a.m., 20 views

Fedora 27 : php (2018-6f37f99641)

PHP version 7.1.20 19 Jul 2018 Core: - Fixed bug php76534 PHP hangs on 'illegal string offset on string references with an error handler. Laruence - Fixed bug php76502 Chain of mixed exceptions and errors does not serialize properly. Nikita Date: - Fixed bug php76462 Undefined property:...

AI score 5.6
Exploits 0, References 1

UbuntuCve
added 2018/04/29 12:0 a.m., 43 views

CVE-2018-10546

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences...

CVSS 7.5, AI score 6.8, EPSS 0.10564
Exploits 0, References 4

Tenable Nessus
added 2018/04/26 12:0 a.m., 21 views

Fedora 26 : composer (2018-8b35c531db)

Version 1.6.4 - 2018-04-13 - Security fixes in some edge case scenarios, recommended update for all users - Fixed regression in version guessing of path repositories - Fixed removing aliased packages from the repository, which might resolve some odd update bugs - Fixed updating of package URLs fo...

AI score 5.5
Exploits 0, References 1