PHP 7.1.x < 7.1.6 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.6. It is, therefore, affected by the following vulnerabilities : - A flaw exists in zendhashaddorupdatei within file main/phpini.c when handling a malformed php.ini file. An attacker can exploit thi...

PHP 7.0.x < 7.0.20 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.20. It is, therefore, affected by the following vulnerabilities : - A flaw exists in zendhashaddorupdatei within file main/phpini.c when handling a malformed php.ini file. An attacker can exploit th...

OV3 Online Administration 3.0 - Directory Traversal

OV3 Online Administration 3.0 - Directory Traversal OV3 Online Administration 3.0 Parameter Traversal Arbitrary File Access PoC Exploit Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform...

PHP 7.0.x < 7.0.17 / 7.1.x < 7.1.3 DoS

Binary data 700087.prm...

Crypttech CryptoLog Remote Code Execution

This module exploits a SQL injection and command injection vulnerability in the PHP version of CryptoLog. An unauthenticated user can execute a terminal command under the context of the web user. These vulnerabilities are no longer present in the ASP.NET version CryptoLog, available since 2009...

Fedora 24 : php-pear-CAS (2017-d9d620366e)

Changes in version 1.3.5 - Security Fixes : - Fix possible authentication bypass in validateCAS20 228 Gregory Boddin - Bug Fixes : - Fix file permissions non-executable 177 Remi Collet - Fixed translations Greek and Japanese 192 ikari7789 - Fix errors under phpdbg 204 MasonM - Fix logout...

Bypass $cfg['Servers'][$i]['AllowNoPassword']

PMASA-2017-8 Announcement-ID: PMASA-2017-8 Date: 2017-03-28 Updated: 2018-05-01 Summary Bypass $cfg'Servers'$i'AllowNoPassword' Description A vulnerability was discovered where the restrictions caused by $cfg'Servers'$i'AllowNoPassword' = false are bypassed under certain PHP versions. This can...

PT-2017-1613 · Zend Technologies +4 · Zend Opcache +6

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.6.28 PHP versions prior to 7.0.13 Description: The issue exists due to inadequate access control when inheriting certain classes related to operational code in PHP configurations using apache2handler/mod php or php-fpm...

Design/Logic Flaw

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...

CVE-2016-3124

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...

CVE-2016-3124

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...

CVE-2016-3124

The CVE concerns SimpleSAMLphp’s sanitycheck module prior to version 1.14.1, which is vulnerable to information leakage. The issue allows remote attackers to determine the PHP version running on the affected system via unspecified vectors. The vulnerability is tied to the sanitycheck component, a...

CVE-2016-3124

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...

CVE-2016-3124

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...

PHP 7.0.x < 7.0.15 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.15. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability exists due to a use-after-free error in the unserialize function that is triggered when usin...

PHP Multiple Denial of Service Vulnerabilities - 02 (Jan 2017) - Linux

PHP is prone to multiple denial of service DoS vulnerabilities. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

PHP 5.6.x < 5.6.29 DoS

Binary data 9841.prm...

PHP < 7.1.0 Multiple Vulnerabilities

Binary data 9843.prm...

PHP Standard PHP Library Memory Misreference Vulnerability (CNVD-2017-00068)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and program extensions in C, C++, etc. The Standard PHP Libra...

Mastery oa 2015 \inc\common.inc.php approve_finish function injection vulnerability

Recently made public measured when encountered on a system, The 2015 version of the latest update date: 2016-07-22 Injection the analysis \inc\common.inc.php ? php function SecureRequest&$var if isarray$var foreach $var as $k = $v $var$k = securerequest$v; else if 0 strlen$var &&...