737 matches found
PHP 7.0.x < 7.0.14 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.14. It is, therefore, affected by the following vulnerabilities: - A remote code execution vulnerability due to a memory corruption issue in the php_wddx_push_element() function in ext/wddx/wddx.c that...
PHP 5.6.x < 5.6.29 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.29. It is, therefore, affected by multiple vulnerabilities: - A memory corruption issue exists in the php_wddx_push_element() function in ext/wddx/wddx.c that is triggered when decoding empty boolean...
Multiple SQL Injection Vulnerabilities in XYCMS (PHP version) Message Boards
XYCMS, formerly known as Nanjing XYCMS Enterprise Station Building System, is a commercial website building system developed based on ASP. The designed version is divided into dynamic and static version. XYCMS PHP version message board has multiple SQL injection vulnerabilities. Through the...
Piwik <= 2.16.0 (saveLayout) PHP object injection vulnerability
The vulnerability can be triggered through the saveLayout method defined in /plugins/Dashboard/Controller.php:
    public function saveLayout()
    {
        $this->checkTokenInUrl();

        $layout = Common::unsanitizeInputValue(Common::getRequestVar('layout'));
        $layout = strip_tags($layout);
        ...
PHP 5.5.x < 5.5.35, 5.6.x < 5.6.21, 7.x < 7.0.6 Multiple Vulnerabilities
PHP 7.0.x < 7.0.4 Multiple Vulnerabilities
PHP 5.6.26 and 7.0.11 Use After Free in unserialize() Vulnerability
Exploit for php platform in category remote exploits PoC: References: https://bugs.php.net/bug.php?id=73147 0day.today 2018-04-08...
Ian Dunn: Google Authenticator 0.6 - PHP Version Disclosure
Hello Vulnerable File and Link : http://localhost/wordpress/wp-content/plugins/google-authenticator-per-user-prompt/views/requirements-error.php Vulnerable Link : 8 You're running version Vulnerable Code: Good Luck/...
PHP 5.6.x < 5.6.26 / 7.0.x < 7.0.11 Multiple Vulnerabilities
CVE-2016-7412
ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata...
PHP 7.x < 7.0.10 Multiple Vulnerabilities (Sep 2016) - Linux
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if(description)...
PHP 5.0.0 'snmpwalkoid()' Local Denial of Service Vulnerability
PHP is a new language for writing CGI programs. A local denial of service vulnerability exists in PHP 5.0.0 'snmpwalkoid()', which can be exploited by attackers to launch denial of service attacks...
PHP 7 is due: the deserialization vulnerability case studies and analysis,-vulnerability warning-the black bar safety net
Leak the pointer. In a typical PHP-5 deserialization of use, we will use a dispenser to cover a pointer to the string contents of the pointer, thus reading the next stack slot. However, in PHP-7, the internal string representation is different. In PHP-7, the basic structure of the struct zval...
PHP < 5.6.0 DoS Vulnerability - Linux
PHP is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if(description)...
IPS Community Suite PHP remote code execution vulnerability analysis (CVE-2016-6174)-vulnerability warning-the black bar safety net
"IPS Community Suite" is a fairly common CMS developed abroad. In version 4.1.12.3 and earlier, however, there is a PHP code injection vulnerability that stems from the program failing to adequately filter the content_class request parameter. A remote attacker may exploit this vulnerabili...
CVE-2016-5769
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value,...
CVE-2016-6292
The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image...
XYCMS built Station system php version \search\index.php SQL injection
No description provided by source...
PHP < 5.4.38, < 5.5.22, < 5.6.6 HTTP Header Content Injection XSS
IPS Community Suite 4.1.12.3 - PHP Code Injection
Exploit for php platform in category web applications. IPS Community Suite content_class ;
    if ( ! class_exists( $class ) or ! in_array( 'IPS\Content', class_parents( $class ) ) )
    {
        \IPS\Output::i()->error( 'node_error', '2S226/2',...