EUVD-2023-54399

Malicious code in bioql PyPI...

CVE-2023-4544 Byzoro Smart S85F Management Platform php.ini direct request

A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230809. It has been rated as problematic. This issue affects some unknown processing of the file /config/php.ini. The manipulation leads to direct request. The attack may be initiated remotely. The exploit has been disclos...

PHP 7.1.x < 7.1.6 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.6. It is, therefore, affected by the following vulnerabilities : - A flaw exists in zendhashaddorupdatei within file main/phpini.c when handling a malformed php.ini file. An attacker can exploit thi...

PHP 7.0.x < 7.0.20 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.20. It is, therefore, affected by the following vulnerabilities : - A flaw exists in zendhashaddorupdatei within file main/phpini.c when handling a malformed php.ini file. An attacker can exploit th...

Design/Logic Flaw

inimodifier sgid-zendtech in Zend Platform 2.2.3 and earlier allows local users to modify the system php.ini file by editing a copy of php.ini file using the -f parameter, and then performing a symlink attack using the directory that contains the attacker-controlled php.ini file, and linking this...

CVE-2007-1369

inimodifier sgid-zendtech in Zend Platform 2.2.3 and earlier allows local users to modify the system php.ini file by editing a copy of php.ini file using the -f parameter, and then performing a symlink attack using the directory that contains the attacker-controlled php.ini file, and linking this...

CVE-2004-0697

Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information...