104 matches found
CVE-2016-10802
cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler SEC-142...
CVE-1999-0058
Buffer overflow in PHP cgi program, php.cgi allows shell access...
Exploit for OS Command Injection in Php
CVE-2024-4577 - PHP CGI Argument Injection Detection Lab A co...
EUVD-2014-9248
Malware in sbrugna...
EUVD-2016-1796
Malware in sbrugna...
EUVD-1999-0058
Malware in sbrugna...
Exploit for OS Command Injection in Php
CVE-2024-4577 - PHP CGI Argument Injection RCE Summary CV...
Exploit for OS Command Injection in Php
CVE-2024-4577 PHP CGI Remote Code Execution Exploit Author:...
PHP CGI Module 8.3.4 - Remote Code Execution (RCE)
!/usr/bin/env python3 Exploit Title: PHP CGI Module 8.3.4 - Remote Code Execution RCE Date: 2025-06-13 Exploit Author: @ibrahimsql Exploit Author's github: https://github.com/yigitsql old account banned Vendor Homepage: https://www.php.net/ Software Link: https://www.php.net/downloads Version: PH...
Exploit for OS Command Injection in Php
CVE-2024-4577 usage: CVE-2024-4577.py -h -v RHOST RPO...
Exploit for OS Command Injection in Php
PHP-CGI Injector 🚀 CVE-2024-4577 & CVE-2024-8926 Exploit To...
PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution RCE flaw in the PHP-CGI implementation of PHP on Windows, to gai...
Linux Distros Unpatched Vulnerability : CVE-2014-9427
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sapi/cgi/cgimain.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not...
SUSE CVE-2024-4577
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...
BIT-PHP-MIN-2024-4577 Argument Injection in PHP-CGI
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...
Mageia: Security Advisory (MGASA-2024-0375)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-8927
A flaw was found in PHP. The configuration directive cgi.forceredirect prevents anyone from calling PHP directly with a URL such as http://host.example/cgi-bin/php/secretdir/script.php. However, in certain uncommon configurations, an attacker may be able to bypass this restriction and access...
Exploit for OS Command Injection in Php
CVE-2024-4577 Vulnerability Checker The CVE-2024-4577 Vulnera...
PHP 8.1.x < 8.1.30 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.1.30. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.1.30 advisory. - In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using a certain non- standard configurations ...
Exploit for OS Command Injection in Php
PHP CGI Argument Injection CVE-2024-4577 RCE 📜 Descripti...