EUVD-2025-19906

Malicious code in bioql PyPI...

CVE-2025-34061

A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. The backdoor listens for base64-encoded PHP payloads in the Accept-Charset HTTP header of incoming requests, decodes and executes the payload without...

CVE-2025-34061

A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. The backdoor listens for base64-encoded PHP payloads in the Accept-Charset HTTP header of incoming requests, decodes and executes the payload without...

CVE-2025-34061 PHPStudy 2016-2018 Backdoor Remote Code Execution Vulnerability

A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. The backdoor listens for base64-encoded PHP payloads in the Accept-Charset HTTP header of incoming requests, decodes and executes the payload without...

CVE-2025-34061 PHPStudy 2016-2018 Backdoor Remote Code Execution Vulnerability

A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. The backdoor listens for base64-encoded PHP payloads in the Accept-Charset HTTP header of incoming requests, decodes and executes the payload without...

CVE-2025-34061

Summary of CVE-2025-34061 (PHPStudy backdoor RCE) : A backdoor in PHPStudy versions 2016–2018 allows unauthenticated remote code execution by decoding and executing base64-encoded PHP payloads sent in the Accept-Charset HTTP header, running as the web server user. This is triggered by requests co...

PT-2025-27824 · Phpstudy · Phpstudy

Name of the Vulnerable Software and Affected Versions: PHPStudy versions 2016 through 2018 Description: A backdoor in PHPStudy allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. The backdoor listens for base64-encoded PHP payloads in the Accept-Charse...

Henan Xiaopi PHPStudy 安全漏洞

Henan Xiaopi PHPStudy is a program integration package for PHP debugging environment from Henan Xiaopi Henan Xiaopi, a Chinese company. A security vulnerability exists in Henan Xiaopi PHPStudy versions 2016 through 2018 that stems from a backdoor that allows an unauthenticated remote attacker to...

phpstudy-linux SQL Injection Vulnerability

phpstudy-linux is a version of PhpStudy linux, a program integration package for the PHP debugging environment. phpstudy-linux is vulnerable to SQL injection, which can be exploited by attackers to obtain sensitive database information...

CVE-2020-18878

Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'...

edusrc_POC

This repository contains a collection of Python scripts, each designed to exploit vulnerabilities in various web applications. The scripts are written in Chinese and appear to be intended for use on Chinese-language systems. The scripts are categorized into several groups, each targeting a specif...

Logic flaw vulnerability in phpstudy-linux panel

The phpstudy-linux panel is a server environment building as well as management tool for Linux servers. A logic flaw vulnerability exists in phpstudy-linux panel. An attacker can exploit the vulnerability to add arbitrary administrators...

PHPStudy suffers from nginx parsing vulnerability

PHPStudy is a program integration package for PHP debugging environment. PHPStudy suffers from a nginx parsing vulnerability, which can be exploited by an attacker to cause arbitrary code execution via the upload function by uploading legitimate file types containing malicious code to the server...

PHPStudy - Backdoor Remote Code execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "PHPStudy Backdoor Remote Code execution", 'Description' = %q This module can detect and exploit the backdoor of PHPStudy. , 'License' = MSFLICENS...

PHPStudy - Backdoor Remote Code execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "PHPStudy Backdoor Remote Code execution", 'Description' = %q This module can detect and exploit the backdoor of PHPStudy. , 'License' = MSFLICENS...

PHPStudy Backdoor Remote Code execution

This module can detect and exploit the backdoor of PHPStudy. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PHPStudy Backdoor Remote Code execution', 'Description' = %q This module can detect...

PhpStudy Web Server Remote Code Execution

A remote code execution vulnerability exists in PhpStudy library. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

phpStudy has a dll hijacking vulnerability

phpStudy is a program integration package for PHP debugging environment. A dll hijacking vulnerability exists in phpStudy. An attacker can exploit the vulnerability to cause code execution...

DVWA Pro-test CSRF vulnerability-vulnerability warning-the black bar safety net

CSRF is a cross-site request forgery, i.e., a user at A site after login in the same client of the Site B using the vulnerability to get A site's Cookie and other authentication information, and forgery as legitimate identity request to A site. This article in the local environment, carry out the...

phpstudy.php.cn XSS vulnerability

Open Bug Bounty ID: OBB-645357 Description| Value ---|--- Affected Website:| phpstudy.php.cn Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...