CVE-2002-2029

PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string...

AZL-42628 CVE-2024-2408 affecting package php for versions less than 8.1.29-1

The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...

AZL-42424 CVE-2024-4577 affecting package php for versions less than 8.1.29-1

In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...

PT-2019-12154 · Php +1 · Php +1

Name of the Vulnerable Software and Affected Versions: PHP versions 7.3.x through 7.3.12 PHP version 7.4.0 Description: The issue arises when custom headers are supplied to the mail function in lowercase, resulting in double-freeing certain memory locations due to a mistake introduced in a specif...

seoPanel 2.2.1 Cross Site Request Forgery

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Maxs Photo Album - Arbitrary File Upload

Maxs Photo Album - Arbitrary File Upload ======================================================================================== | Title : Max's Photo Album Shell Upload Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...