CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

FreeBSD•added 2024/09/26 12:0 a.m.•25 views

php -- Multiple vulnerabilities

php.net reports: CVE-2024-8926: CGI: Fixed bug GHSA-9pqp-7h25-4f32 Bypass of CVE-2024-4577, Parameter Injection Vulnerability. CVE-2024-8927: CGI: Fixed bug GHSA-94p6-54jq-9mwp cgi.forceredirect configuration is bypassable due to the environment variable collision. CVE-2024-9026: FPM: Fixed bug...

8.8CVSS10AI score0.02711EPSS

Exploits5References1

Openbugbounty•added 2024/04/09 9:28 a.m.•7 views

j-php.net Cross Site Scripting vulnerability OBB-3911651

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

Exploits0

UbuntuCve•added 2019/12/23 3:15 a.m.•45 views

CVE-2019-11050

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure o...

6.5CVSS6.8AI score0.03196EPSS

Exploits1References3

Openbugbounty•added 2018/11/14 12:12 a.m.•9 views

objective-php.net XSS vulnerability

Open Bug Bounty ID: OBB-698203 Description| Value ---|--- Affected Website:| objective-php.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidde...

Exploits0

ThreatPost•added 2014/01/08 8:0 a.m.•16 views

Blackhole Exploit Kit Successor Years Away

It should shock no one that a viable successor to the Blackhole exploit kit has yet to emerge in the criminal underground. It’s been less than three months since the arrest of its alleged creator Paunch sent cybercriminals reliant on the toolkit scrambling for a replacement. And like any profitab...

0.2AI score

Exploits0References5

ThreatPost•added 2013/12/18 10:0 a.m.•17 views

DGA Changer Malware Able to Modify Domain-Generation Seed on the Fly

Malware authors have been using domain-generation algorithms for a few years now, often in botnet-related malware that needs to stay one step ahead of takedown attempts and law enforcement agencies. Now, researchers have discovered that a strain of malware that may have been part of the attack in...

0.5AI score

Exploits0References3

The Hacker News•added 2013/10/24 2:30 a.m.•15 views

Google detected Malware on PHP.net website; Flagged as 'Suspicious' site

None...

7AI score

Exploits0

UbuntuCve•added 2011/08/25 12:0 a.m.•25 views

CVE-2011-3182

PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service NULL pointer dereference and application crash or trigger a buffer overflow by leveraging the ability to provide a...

5CVSS6.2AI score0.02014EPSS

Exploits1References2

The Hacker News•added 2011/03/18 3:26 p.m.•13 views

Php.net was compromised, and php source backdoored !

Update : The PHP Group has confirmed the compromise of their server ! : The Hacker News Php.net was compromised and php source backdoored ! The picture show that some php.net site was compromised,and hacker backdoored php source...

7AI score

Exploits0

OpenVAS•added 2011/01/24 12:0 a.m.•42 views

FreeBSD Ports: php5-imap

The remote host is missing an update to the system as announced in the referenced advisory. VID 1a0704e7-0edf-11e0-becc-0022156e8794 OpenVAS Vulnerability Test $ Description: Auto generated from VID 1a0704e7-0edf-11e0-becc-0022156e8794 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

5CVSS6.8AI score0.16659EPSS

Exploits0

OpenVAS•added 2010/04/19 12:0 a.m.•27 views

PHP 4.4.x < 4.4.9, 5.2.x < 5.2.8 DoS Vulnerability

PHP is prone to a denial of service DoS vulnerability because the application fails to handle certain file requests. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

5CVSS7.3AI score0.1412EPSS

Exploits1References4

0day.today•added 2009/03/23 12:0 a.m.•4200 views

PHPizabi v0.848b C1 HFP1-3 Remote Command Execution Exploit

Exploit for unknown platform in category web applications =========================================================== PHPizabi v0.848b C1 HFP1-3 Remote Command Execution Exploit =========================================================== !/usr/bin/php ?php / Found this after getting my inet back...

7.1AI score0.04627EPSS

Exploits7

xssed•added 2007/05/21 12:0 a.m.•13 views

Unfixed XSS vulnerability at www.asp-php.net

Security researcher zuppergazi, has submitted on 21/05/2007 a cross-site-scripting XSS vulnerability affecting www.asp-php.net, which at the time of submission ranked 30277 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 22/05/2007. It is...

6.6AI score

Exploits0References1