Joomla HTTP Header Unauthenticated Remote Code Execution

Joomla suffers from an unauthenticated remote code execution that affects all versions from 1.5.0 to 3.4.5. By storing user supplied headers in the databases session table it's possible to truncate the input by sending an UTF-8 character. The custom created payload is then executed once the sessi...

Mail.ru: [allods.my.com] Full SQL Disclosure

Уязвимость имеет ту же природу, что и в 96729 и в 96727. Уязвимость возникает вследствие чтения ошибок через включенный Debug-режим. И там, и там - раскрытие информации за счёт debug-режима. Но для того, что бы раскрыть SQL запрос необходимо произвести Stress-тест многочисленными запросами любой...

Web Hosting Service 000webhost Hacked, Information of 13 Million Leaked

Information on nearly 14 million users of 000webhost, a Lithuanian web hosting service, was spilled earlier this year when a hacker exploited an old version of the company’s website and gained access to the backend. 13.5 million customer usernames, plaintext passwords, email addresses, IP...

PHP 5.6.x < 5.6.12 Multiple Vulnerabilities

Binary data 8960.prm...

PHP 5.6.x < 5.6.14 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.14. It is, therefore, affected by multiple vulnerabilities : - A NULL pointer dereference flaw exists in the phargetfpoffset function in ext/phar/util.c that is triggered when pointing to a...

PHP 5.6.x < 5.6.12 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.12. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists in file spldllist.c due to improper sanitization of input to the unserialize function. An attacker can...

APC / APCu INFO Page Accessible (HTTP)

HTTP based detection of an exposed APC / APCu INFO page. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

PHP 5.6.x < 5.6.10 Multiple Vulnerabilities

According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression PCRE library due to improper validatio...

CentOS Update for php CESA-2015:1135 centos7

Check the version of php SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882203";...

CVE-2015-3412

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the streamresolveincludepath function in ext/standard/streamsfuncs.c, as...

PHP 5.4.x < 5.4.40 / 5.5.x < 5.5.24 / 5.6.x < 5.6.8 'php_sdl.c' WSDL Injection

Binary data 8789.prm...

PHP 5.4.x < 5.4.40 / 5.5.x < 5.5.24 / 5.6.x < 5.6.8 Multiple Vulnerabilities

Binary data 8784.prm...

Integer overflow

The pharparsetarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service integer underflow and memory...

Code injection

PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to 1...

CVE-2014-9652

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote...

PHP 4.3.10 < 4.4.9 / 5.0.3 < 5.4.36 / 5.5.x < 5.5.20 / 5.6.x < 5.6.4 DoS

Binary data 8922.prm...

PHP 5.4.x < 5.4.38 Multiple Vulnerabilities (GHOST)

According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.38. It is, therefore, affected by multiple vulnerabilities : - A heap-based buffer overflow flaw in the enchantbrokerrequestdict function in ext/enchant/enchant.c could allow a remote attacker to cause ...

PHP 5.4.x < 5.4.36 'process_nested_data' RCE

According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.36. It is, therefore, affected by a use-after-free error in the 'processnesteddata' function within 'ext/standard/varunserializer.re' due to improper handling of duplicate keys within the serialized...

CVE-2014-9426

The apprenticeload function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a denial of service memory corruption or application crash or possibly have unspecified...

PHP 5.4.x < 5.4.36 / 5.5.x < 5.5.20 / 5.6.x < 5.6.4 Use-After-Free

Binary data 8608.prm...