SUSE SLES12 Security Update : php5 (SUSE-SU-2020:0522-1)

This update for php5 fixes the following issues : Security issues fixed : CVE-2019-11041: Fixed heap buffer over-read in exifscanthumbnail bsc1146360. CVE-2019-11042: Fixed heap buffer over-read in exifprocessusercomment bsc1145095. CVE-2019-11043: Fixed possible remote code execution via...

Debian DLA-2124-1 : php5 security update

Two issues have been found in php5, a server-side, HTML-embedded scripting language. Both issues are related to crafted data that could lead to reading after an allocated buffer and result in information disclosure or crash. For Debian 8 'Jessie', these problems have been fixed in version...

Debian: Security Advisory (DLA-2124-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2124-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u9 CVE ID : CVE-2020-7059 CVE-2020-7060 Two issues have been found in php5, a server-side, HTML-embedded scripting language. Both issues are related to crafted data that could lead to reading after an allocated buffer and result in information disclosure...

DLA-2124-1 php5 - security update

Bulletin has no description...

USN-4239-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. CVE-2019-11045 It was discovered that PHP incorrectly handled certain inputs. An...

Debian DLA-2050-1 : php5 security update

Several security bugs have been identified and fixed in php5, a server-side, HTML-embedded scripting language. The affected components include the exif module and handling of filenames with \0 embedded. For Debian 8 'Jessie', these problems have been fixed in version 5.6.40+dfsg-0+deb8u8. We...

Debian: Security Advisory (DLA-2050-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2050-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u8 CVE ID : CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050 Several security bugs have been identified and fixed in php5, a server-side, HTML-embedded scripting language. The affected components include the exif module and handling of filenam...

DLA-2050-1 php5 - security update

Bulletin has no description...

Exploit for Unrestricted Upload of File with Dangerous Type in Verot_Project Verot

CVE-2019-19634 - class.upload.php = 2.0.4 Arbitrary file uplo...

CVE-2010-4657

PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output...

Memory corruption

PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output...

CVE-2010-4657

PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output...

CVE-2010-4657

PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output...

Debian DLA-1970-1 : php5 security update

Emil Lerner, beched and d90pwn found a buffer underflow in php5-fpm, a Fast Process Manager for the PHP language, which can lead to remote code execution. Instances are vulnerable depending on the web server configuration, in particular PATHINFO handling. For a full list of preconditions, check:...

Debian: Security Advisory (DLA-1970-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1970-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u7 CVE ID : CVE-2019-11043 Emil Lerner, beched and d90pwn found a buffer underflow in php5-fpm, a Fast Process Manager for the PHP language, which can lead to remote code execution. Instances are vulnerable depending on the web server configuration, in...

DLA-1970-1 php5 - security update

Bulletin has no description...

Chamilo LMS 1.11.8 Shell Upload Exploit

Exploit for php platform in category web applications PHP Test FILE UPLOAD'; $tgtdir = "uploads/"; $tgtfile = $tgtdir.basename$FILES'fileToUpload''name'; echo "TARGET FILE= ".$tgtfile; //$filename = $FILES'fileToUpload''name'; echo "FILE NAME FROM VARIABLE:- ".$FILES"fileToUpload""name...