BIT-PHP-2021-21707 Special characters break path parsing in XML functions

In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexmlloadfile, URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the...

The vulnerability of the simplexml_load_file() function in the PHP interpreter allows a hacker to gain unauthorized access to protected information.

The vulnerability of the simplexmlloadfile function in the PHP interpreter is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information...

Ubuntu 16.04 ESM : PHP vulnerabilities (USN-5300-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5300-1 advisory. It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. CVE-2015-9253,...

PHP 5.0.0 simplexml_load_file() Denial Of Service

...

PHP 5.0.0 - simplexml_load_file() Local Denial of Service

PHP 5.0.0 - simplexmlloadfile Local Denial of Service...

PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service

Exploit for php platform in category dos / poc 0day.today 2018-02-02...

PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service

...

Manx 1.0.1 Directory Traversal

Manx cms.xml 1.0.1 simplexmlloadfile Directory Traversal Vulnerability Vendor: Paul Jova Product web page: http://manx.jovascript.com Affected version: 1.0.1 Summary: Manx is a Content Management System that uses xml text files to store the page contents, instead of a mysql database. Desc: Input...