532 matches found
security flaw
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow"...
PHP Input Validation Vulnerabilities
------------------------------------------------------------------------- | PHP Input Validation Vulnerabilities | ------------------------------------------------------------------------- Date: 12-16-2004 Author: Daniel Fabian Product: PHP Vendor: PHP http://www.php.net Vendor-Status: vendor...
PHP < 3.0 mylog.html/mlog.html Arbitrary File Access
The remote host is running PHP/FI. The remote version of this software contains a flaw in the files mylog.html/mlog.html that can allow a remote attacker to view arbitrary files on the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
PHP php_variables.c Multiple Variable Open Bracket Memory Disclosure
The remote host is running a version of PHP that is older than 5.0.2 or 4.39. The remote version of this software is affected by a memory disclosure vulnerability in PHPVariables. An attacker may exploit this flaw to remotely read portions of the memory of the httpd process on the remote host...
PHP 4.x/5.0.1 - PHP_Variables Remote Memory Disclosure
source: https://www.securityfocus.com/bid/11334/info A vulnerability is reported to present itself in the array parsing functions of the 'phpvariables.c' PHP source file. The vulnerability occurs when a PHP script is being used to print URI parameters or data, that are supplied by a third party,...
PHP < 4.1.0 Safe Mode Mail Function Command Execution
Binary data 1483.prm...
PHP 3.0.x < 3.0.17 / 4.0.x < 4.0.3 Hidden Form Field File Upload
Binary data 1478.prm...
security flaw
The striptags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null \0 characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and...
PT-2003-1462 · Apache +1 · Apache Httpd +1
Name of the Vulnerable Software and Affected Versions: PHP affected versions not specified Apache httpd 2.0 Description: The issue allows attackers to bypass intended access restrictions if PHP is running on a server that passes on all methods. This is because PHP treats unknown methods, such as...
PHP 4.x - 'socket_recv()' Signed Integer Memory Corruption
source: https://www.securityfocus.com/bid/7197/info A vulnerability has been reported in PHP versions 4.3.1 and earlier. The problem occurs in the socketrecv and may allow an attacker to corrupt memory. Specifically, the affected function fails to carry out sanity checks on user-supplied argument...
Multiple PHP Vulnerabilities - Remote Compromise Exploit in Circulation
Internet Security Systems Security Alert February 27, 2002 Multiple PHP Vulnerabilities: Remote Compromise Exploit in Circulation Synopsis: ISS X-Force has learned of multiple buffer overflow vulnerabilities present in the PHP Hypertext Preprocessor scripting language. PHP is a popular server-sid...
PHP Error Log Format String Command Injection
The version of PHP that is running on the remote host is older than 3.0.17 or 4.0.3. If the option 'logerrors' is set to 'On' in php.ini, then an attacker may execute arbitrary code on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...