3 matches found
Exploit for Out-of-bounds Write in Php
This is an exploit module for a bug in php-fpm CVE-2019-11043. The bug is possible to trigger from the outside in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit targets the "PHPVALUE" directive in the php.ini file, which...
Exploit for Out-of-bounds Write in Php
This is an exploit module for a bug in php-fpm CVE-2019-11043. The bug is possible to trigger from the outside in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit targets the "shortopentag" and "htmlerrors" php.ini setting...
Invision Power Board <= 3.3.4 unserialize Regex Bypass
No description provided by source. ?php / So this is the patch that sanitizes, static public function safeUnserialize $serialized // unserialize will return false for object declared with small cap o // as well as if there is any ws between O and : if isstring $serialized && strpos $serialized, \...