Debian: Security Advisory (DLA-1928-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1928-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u6 Debian Bug : 805222 An update has been made to php5, a server-side, HTML-embedded scripting language. Specficially, as reported in 805222, the ability to build extensions in certain older versions of PHP within Debian has been hindered by an upstream...

CVE-2019-16720

ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file...

Default credentials

ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file...

CVE-2019-16720

ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file...

DLA-1928-1 php5 - security update

Bulletin has no description...

USN-4097-2: PHP vulnerabilities

USN-4097-1 fixed several vulnerabilities in php5. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of servi...

Debian: Security Advisory (DLA-1878-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1878-1 : php5 security update

Two heap buffer overflows were found in the EXIF parsing code of PHP, a widely-used open source general purpose scripting language. For Debian 8 'Jessie', these problems have been fixed in version 5.6.40+dfsg-0+deb8u5. We recommend that you upgrade your php5 packages. NOTE: Tenable Network Securi...

[SECURITY] [DLA 1878-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u5 CVE ID : CVE-2019-11041 CVE-2019-11042 Two heap buffer overflows were found in the EXIF parsing code of PHP, a widely-used open source general purpose scripting language. For Debian 8 "Jessie", these problems have been fixed in version...

DLA-1878-1 php5 - security update

Bulletin has no description...

fuelCMS 1.4.1 - Remote Code Execution Exploit

Exploit for linux platform in category web applications Exploit Title: fuelCMS 1.4.1 - Remote Code Execution Exploit Author: 0xd0ff9 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: = 0 and n 1: start =...

fuelCMS 1.4.1 - Remote Code Execution

fuelCMS 1.4.1 - Remote Code Execution Exploit Title: fuelCMS 1.4.1 - Remote Code Execution Date: 2019-07-19 Exploit Author: 0xd0ff9 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: = 0 and n 1: start =...

fuelCMS 1.4.1 Remote Code Execution

Exploit Title: fuelCMS 1.4.1 - Remote Code Execution Date: 2019-07-19 Exploit Author: 0xd0ff9 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: = 0 and n 1: start = haystack.findneedle, start+1 n -= 1 return start...

SUSE SLES12 Security Update : php5 (SUSE-SU-2019:1746-1)

This update for php5 fixes the following issues : Security issues fixed : CVE-2019-11039: Fixed a heap-buffer-overflow on phpjpgget16 bsc1138173. CVE-2019-11040: Fixed an out-of-bounds read due to an integer overflow in iconv.c:phpiconvmimedecode bsc1138172. CVE-2015-1351: Fixed a use after free ...

SUSE-SU-2019:1746-1 Security update for php5

This update for php5 fixes the following issues: Security issues fixed: - CVE-2019-11039: Fixed a heap-buffer-overflow on phpjpgget16 bsc1138173. - CVE-2019-11040: Fixed an out-of-bounds read due to an integer overflow in iconv.c:phpiconvmimedecode bsc1138172. - CVE-2015-1351: Fixed a use after...

Debian DLA-1813-1 : php5 security update

Two vulnerabilities were found in PHP, a widely-used open source general purpose scripting language. CVE-2019-11039 An integer underflow in the iconv module could be exploited to trigger an out of bounds read. CVE-2019-11040 A heap buffer overflow was discovered in the EXIF parsing code. For Debi...

Debian: Security Advisory (DLA-1813-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for php5 (openSUSE-SU-2019:1503-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : php5 (openSUSE-2019-1503)

This update for php5 fixes the following issues : Security issues fixed : - CVE-2019-11034: Fixed a heap-buffer overflow in phpifdget32si bsc1132838. - CVE-2019-11035: Fixed a heap-buffer overflow in exifiifaddvalue bsc1132837. - CVE-2019-9637: Fixed a potential information disclosure in rename...