CVE-2017-9118

PHP 7.1.5 has an Out of bounds access in phppcrereplaceimpl via a crafted pregreplace call...

CVE-2017-9118

PHP 7.1.5 has an Out of bounds access in phppcrereplaceimpl via a crafted pregreplace call...

CVE-2017-9118

PHP 7.1.5 has an Out of bounds access in phppcrereplaceimpl via a crafted pregreplace call...

Out-of-bounds

PHP 7.1.5 has an Out of bounds access in phppcrereplaceimpl via a crafted pregreplace call...

UBUNTU-CVE-2017-9118

PHP 7.1.5 has an Out of bounds access in phppcrereplaceimpl via a crafted pregreplace call...

CVE-2017-9118

PHP 7.1.5 has an Out of bounds access in phppcrereplaceimpl via a crafted pregreplace call...

CVE-2017-9118

Removed by vendor...

CVE-2018-13849

editrequests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on pregreplace...

CVE-2018-13849

editrequests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on pregreplace...

Web Servers PHPMyAdmin Remote Code Execution (CVE-2016-5734)

A remote code execution vulnerability exists in PHPMyAdmin. The vulnerability is caused due to incorrect choosing of delimiters to prevent use of the pregreplace function. Successful exploitation of this vulnerability will allow execution of arbitrary PHP code...

PT-2018-8490 · Php +5 · Php +5

Name of the Vulnerable Software and Affected Versions: PHP version 7.1.5 Netapp storage automation store affected versions not specified Description: The issue is related to an out of bounds access in the php pcre replace impl function via a crafted preg replace call. There is also a mention of a...

php code audits preg_replace throw phpmyadmin(4.3.0-4.6.2)command execution vulnerability-vulnerability warning-the black bar safety net

Days thaw letter Alpha lab Li Zhe Here take the cve-2 0 1 6-5 7 3 4 talk about pregreplace triggered command execution vulnerability, the vulnerability in exploit-db, to help with the script, after the test no problem. Here on this vulnerability is about back tracking to explain the pregreplace...

DEBIAN-CVE-2016-5734

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the pregreplace e aka eval modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

CVE-2016-5734

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the pregreplace e aka eval modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

CVE-2016-5734

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the pregreplace e aka eval modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

UBUNTU-CVE-2016-5734

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the pregreplace e aka eval modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

CVE-2016-5734

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the pregreplace e aka eval modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

phpMyAdmin Arbitrary Code Execution Vulnerability

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security vulnerability exists in phpMyAdmin that...

Unsafe handling of preg_replace parameters

PMASA-2016-27 Announcement-ID: PMASA-2016-27 Date: 2016-06-23 Summary Unsafe handling of pregreplace parameters Description In some versions of PHP, it's possible for an attacker to pass parameters to the pregreplace function which can allow the execution of arbitrary PHP code. This code is not...

CMSimple CMS: source code security analysis report

Several vulnerabilities were discovered in CMSimple 'CMSimple CMS' software: File System Path Manipulation Incorrect User Input Filtration when Using Regular Expressions while Calling the pregreplace Function Using Global Variables Using Insufficiently Random Generators in Cryptography HttpOnly...