127 matches found
openSUSE 15 Security Update : php8-pear (SUSE-SU-2022:3198-2)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3198-2 advisory. - In ArchiveTar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193. CVE-2021-32610...
SUSE-SU-2022:3198-2 Security update for php8-pear
This update for php8-pear fixes the following issues: - Add php8-pear to SLE15-SP4 jscSLE-24728 - Update to 1.10.21 - PEAR 1.10.13 unsupported protocol - use --force to continue Add $this operator to determineIfPowerpc calls - Update to 1.10.20 - ArchiveTar 1.4.14 Properly fix symbolic link path...
Online Food Ordering System 2.0 Shell Upload
Exploit Title: Online Food Ordering System v2 - Remote Code Execution RCE Unauthenticated Date: 01/11/2023 Exploit Author: Onurcan Alcan Vendor Homepage: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html Software Link:...
Online Food Ordering System 2.0 SQL Injection
Exploit Title: Online Food Ordering System v2 - Sql Injection Time-Based Blind Date: 01/11/2023 Exploit Author: Hasan Baskın Vendor Homepage: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html Software Link:...
SUSE SLES15 / openSUSE 15 Security Update : php8 (SUSE-SU-2023:0074-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0074-1 advisory. - php: PDO::quote may return unquoted string due to an integer overflow CVE-2022-31631 Note that Nessus has not tested for thi...
SUSE: Security Advisory (SUSE-SU-2023:0074-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:0074-1 Security update for php8
This update for php8 fixes the following issues: - Updated to version 8.0.27: - CVE-2022-31631: Fixed an issue where PDO::quote would return an unquoted string bsc1206958. Non-security fixes: - Fixed a NULL pointer dereference with -w/-s options. - Fixed a crash in Generator when interrupted duri...
Online Food Ordering System 2.0 Cross Site Scripting
Exploit Title: Online Food Ordering System v2 - Stored Cross Site Scripting XSS Date: 01/11/2023 Exploit Author: Alaeddin Berksoy Vendor Homepage: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html Software Link:...
Online Food Ordering System 2.0 SQL Injection Vulnerability
Exploit Title: Online Food Ordering System v2 - Sql Injection Time-Based Blind Exploit Author: Anıl Kızıltan Vendor Homepage: https://www.sourcecodester.com/php/16022/online-food-ordering-system-v2-using-php8-and-mysql-free-source-code.html Software Link:...
SUSE SLES15 Security Update : php8 (SUSE-SU-2022:4005-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4005-1 advisory. - In PHP versions prior to 7.4.33, 8.0.25 and 8.2.12, when using imageloadfont function in gd extension, it is possible to supply a...
SUSE: Security Advisory (SUSE-SU-2022:4005-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:4005-1 Security update for php8
This update for php8 fixes the following issues: - CVE-2022-37454: Fixed buffer overflow in hashupdate on long parameter bug81738 bsc1204577. - CVE-2022-31630: Fixed OOB read due to insufficient input validation in imageloadfont bug81739 bsc1204979. - version update to 8.0.25 27 Oct 2022 Session:...
Arbitrary Code Execution
php8 is vulnerable to code execution. The vulnerability exists in the imageloadfont function due to insufficient input validation, which allows a remote attacker to execute arbitrary code via the Hardware Layer Code Box component on the /hardware page of the application...
SUSE SLES15 Security Update : php8 (SUSE-SU-2022:3661-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3661-1 advisory. - In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main...
SUSE: Security Advisory (SUSE-SU-2022:3661-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3661-1 Security update for php8
This update for php8 fixes the following issues: - php8 was updated to version 8.0.24 - php8 was updated to version 8.0.23 jscSLE-23639. - CVE-2021-21703: Fixed a local privilege escalation via PHP-FPM. bsc1192050 - CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor while...
OPENSUSE-SU-2022:10148-1 Security update for roundcubemail
This update for roundcubemail fixes the following issues: roundcubemail was updated to 1.5.3 Enigma: Fix initial synchronization of private keys Enigma: Fix double quoted-printable encoding of pgp-signed messages with no attachments 8413 Fix various PHP8 warnings 8392 Fix mail headers injection v...
Security update for roundcubemail (important)
openSUSE Security Update: Security update for roundcubemail Announcement ID: openSUSE-SU-2022:10148-1 Rating: important References: 1180132 1180399 Cross-References: CVE-2019-10740 CVE-2020-12641 CVE-2020-16145 CVE-2020-35730 CVSS scores: CVE-2019-10740 NVD : 4.3...
SUSE SLES15 Security Update : php8-pear (SUSE-SU-2022:3198-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3198-1 advisory. - In ArchiveTar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193...
SUSE: Security Advisory (SUSE-SU-2022:3198-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...