WordPress Core 4.9.6 - (Authenticated) Arbitrary File Deletion

WordPress Core 4.9.6 - Authenticated Arbitrary File Deletion Exploit Title: Wordpress = 4.9.6 Arbitrary File Deletion Vulnerability Date: 2018-06-27 Exploit Author: VulnSpy Vendor Homepage: http://www.wordpress.org Software Link: http://www.wordpress.org/download Version: = 4.9.6 Tested on: php7...

WordPress Core < 4.9.6 - (Authenticated) Arbitrary File Deletion

Exploit Title: Wordpress = 4.9.6 Arbitrary File Deletion Vulnerability Date: 2018-06-27 Exploit Author: VulnSpy Vendor Homepage: http://www.wordpress.org Software Link: http://www.wordpress.org/download Version: = 4.9.6 Tested on: php7 mysql5 CVE : Step 1: curl -v...

phpMyAdmin 4.8.1 Code Execution / Local File Inclusion Vulnerabilities

Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution Exploit Author: VulnSpy Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.0...

phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (2)

Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution Date: 2018-06-21 Exploit Author: VulnSpy Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.0, 4.8.1 Tested on: php7 mysql5 CVE :...

Security update for php7 (important)

This update for php7 fixes the following issues: Security issues fixed: - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...

openSUSE: Security Advisory for php7 (openSUSE-SU-2018:1207-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : php7 (openSUSE-2018-441)

This update for php7 fixes the following issues : Security issues fixed : - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...

SUSE-SU-2018:1176-1 Security update for php7

This update for php7 fixes the following issues: Security issues fixed: - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...

openSUSE Security Update : php7 (openSUSE-2018-244)

This update for php7 provides the following fix : Security issues fixed : - CVE-2018-7584: Fixed stack-based buffer under-read while parsing an HTTPresponse in the phpstreamurlwraphttpex bsc1083639. Bug fixes : - Fix a memory leak in the pgescapebytea function of the pgsql extension. bsc1076970...

SUSE-SU-2018:0646-1 Security update for php7

This update for php7 provides the following fix: Security issues fixed: - CVE-2018-7584: Fixed stack-based buffer under-read while parsing an HTTPresponse in the phpstreamurlwraphttpex bsc1083639. Bug fixes: - Fix a memory leak in the pgescapebytea function of the pgsql extension. bsc1076970...

openSUSE Security Update : php7 (openSUSE-2018-119)

This update for php7 fixes several issues. These security issues were fixed : - CVE-2018-5712: Prevent reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file that allowed for information disclosure bsc1076220. - CVE-2018-5711: Prevent integer signedness error that coul...

SUSE-SU-2018:0308-1 Security update for php7

This update for php7 fixes several issues. These security issues were fixed: - CVE-2018-5712: Prevent reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file that allowed for information disclosure bsc1076220. - CVE-2018-5711: Prevent integer signedness error that could...

openSUSE Security Update : php7 (openSUSE-2017-1353)

This update for php7 fixes the following issues : Security issues fixed : - CVE-2017-16642: Fix timelibmeridian error that could be used to leak information from the interpreter bsc1067441. - CVE-2017-9229: Fix invalid pointer dereference in leftadjustcharhead bsc1069631. - CVE-2017-9228: Fix hea...

SUSE-SU-2017:3237-1 Security update for php7

This update for php7 fixes the following issues: Security issues fixed: - CVE-2017-16642: Fix timelibmeridian error that could be used to leak information from the interpreter bsc1067441. - CVE-2017-9229: Fix invalid pointer dereference in leftadjustcharhead bsc1069631. - CVE-2017-9228: Fix heap...

Security fix for the ALT Linux 8 package php7 version 7.1.11-alt1

Nov. 3, 2017 Anton Farygin 7.1.11-alt1 - 7.1.11 Fixes: CVE-2016-1283...

openSUSE Security Update : php7 (openSUSE-2017-1061)

This update for php7 fixes several issues. These security issues were fixed : - CVE-2017-12932: Prevent heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue could have...

SUSE-SU-2017:2468-1 Security update for php7

This update for php7 fixes several issues. These security issues were fixed: - CVE-2017-12932: Prevent heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue could have...

openSUSE: Security Advisory for php7 (openSUSE-SU-2017:2337-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : php7 (openSUSE-2017-994)

This update for php7 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...

Security update for php7 (important)

This update for php7 fixes the following issues: - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...