Exploit for Out-of-bounds Write in Php

This is an exploit module for a bug in php-fpm CVE-2019-11043. The bug is possible to trigger from the outside in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit targets the "shortopentag" and "htmlerrors" php.ini setting...

PHP-FPM 7.x Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PHP-FPM Underflow RCE', 'Description' = %q This module exploits an underflow vulnerability in versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and...

PT-2019-4298

Name of the Vulnerable Software and Affected Versions PHP versions prior to 7.1.33 PHP versions prior to 7.2.24 PHP versions prior to 7.3.11 Description The issue is related to a buffer overflow vulnerability in the PHP-FPM component, which can be exploited to execute arbitrary commands on a...