PHP < 4.4.5 / 5.2.1 _SESSION unset() Local Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP < 4.4.5 / 5.2.1 _SESSION Deserialization Overwrite Exploit

No description provided by source...

PHP 5.2 Session.Save_Path() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21508/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. This...

WebSPELL <= 4.01.02 (picture.php) File Disclosure Vulnerability

No description provided by source. WebSPELL = 4.01.02 picture.php Remote File Disclosure Vulnerability Discovered by: Trex Visit: www.Trex-Online.net / www.UnderGround.ag Comment: Happy easter! / \ / \ / / / \ \ / \ /\ // / GIVE ME A CARROT OR I WILL \ \O O/ \ BLOW UP YOUR HOUSE / / ^ \ / / /...

PHP <= 4.4.3 / 5.1.4 (sscanf) Local Buffer Overflow Exploit

No description provided by source. ? / hoagiephpsscanf.php PHP = 4.4.3 / 5.1.4 local buffer overflow exploit howto get offsets: set $baseaddr to 0x41414141 ulimit -c 20000 /etc/init.d/apache restart execute script via web browser tail /var/log/apache/error.log ... Wed Aug 16 15:07:10 2006 notice...

MercuryBoard <= 1.1.4 (User-Agent) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? printr' -------------------------------------------------------------------------------- MercuryBoard = 1.1.4 User-Agent SQL injection / privilege escalation exploit php version by rgod [email protected] site:...

PHP <= 4.4.4 unserialize() ZVAL Reference Counter Overflow Exploit PoC

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP <= 3.0.13 'safe_mode' Failure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/911/info PHP Version 3.0 is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web...

PHP 5.5.x < 5.5.14 Multiple Vulnerabilities

According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.14. It is, therefore, affected by the following vulnerabilities : - Boundary checking errors exist related to the Fileinfo extension, Composite Document Format CDF handling and the functions...

PHP 5.5.x < 5.5.13 'src/cdf.c' Multiple Vulnerabilities

According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.13. It is, therefore, affected by the following vulnerabilities : - A flaw exists with the 'cdfunpacksummaryinfo' function within 'src/cdf.c' where multiple fileprintf calls occur when handlin...

PHP 5.4.x < 5.4.27 awk Magic Parsing BEGIN DoS

According to its banner, the version of PHP 5.4.x installed on the remote host is a version prior to 5.4.27. It is, therefore, potentially affected by a denial of service vulnerability. A flaw exists in the awk script detector within magic/Magdir/commands where multiple wildcards with unlimited...

Et-Chat 3.0.7 Password Reset

IIIIIIII RRRRRRRRRRRR HHHHHHHH HHHHHHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRRRRRRRR HHHHHHHHHHHHHHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIIIIIII RRRRRRRR RRRRRR...

PHP 5.5.x < 5.5.8 Multiple Vulnerabilities

According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.8. It is, therefore, potentially affected by the following vulnerabilities : - A heap-based buffer overflow error exists in the file 'ext/date/lib/parseisointervals.c' related to handling...

PHP 5.4.x < 5.4.24 Multiple Vulnerabilities

According to its banner, the version of PHP 5.4.x installed on the remote host is a version prior to 5.4.24. It is, therefore, potentially affected by the following vulnerabilities : - A heap-based buffer overflow error exists in the file 'ext/date/lib/parseisointervals.c' related to handling...

About apache+php-cgi mod attack-vulnerability warning-the black bar safety net

One, the origin of: 1, the attack code International well-known vulnerabilities to attack the code release mechanism exploit-db released one for apache+php attack code, The authors of the famous international hacker Kingcope it. See http://www.exploit-db.com/exploits/29290/ Attacks effect derived...

PHP 5.5.x < 5.5.3 Multiple Vulnerabilities

According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.3. It is, therefore, potentially affected by the following vulnerabilities : - An error exists related to the 'Sessions' subsystem that can allow an attacker to hijack the session of another...

OpenX Backdoor PHP Code Execution Vulnerability

OpenX Ad Server version 2.8.10 was shipped with an obfuscated backdoor since at least November 2012 through August 2013. Exploitation is simple, requiring only a single request with a rot13'd and reversed payload. This file is part of the Metasploit Framework and may be subject to redistribution...

PHP 5.3.x < 5.3.27 Information Disclosure

Binary data 6928.prm...

php: xml_parse_into_struct buffer overflow when parsing deeply nested XML

ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct function...

php_eggs

This plugin tries to find the documented easter eggs that exist in PHP and identify the remote PHP version using the easter egg content. The easter eggs that this plugin verifies are: PHP Credits, Logo, Zend Logo, PHP Logo 2: http://php.net/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000...