CVE-2018-20783

In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to pharparsepharfile in...

Locations CMS 1.5 SQL Injection

Exploit Title: Locations CMS 1.5 - SQL Injection Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: https://themerig.com/ Software Link: https://codecanyon.net/item/locations-multipurpose-cms-directory-theme/21098597 Version: 1.0 Category: Webapps Tested on:...

Find a Place CMS Directory 1.5 - SQL Injection

Find a Place CMS Directory 1.5 - SQL Injection Exploit Title: Locations CMS 1.5 - SQL Injection Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: https://themerig.com/ Software Link: https://codecanyon.net/item/locations-multipurpose-cms-directory-theme/21098597 Version: 1....

Matrix MLM Script 1.0 Information Disclosure

Exploit Title: Matrix MLM Script 1.0 - Information Leakage Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://royallifefoundation.org/ Software Link: https://codecanyon.net/item/mlmpro-multistage-forced-matrix-mlm-script/23050292 Version: 1.0 Category: Webapps Tested...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: Several security bugs have been fixed in this release: Segfault when using convert.quoted-printable-encode filter. Null pointer dereference i...