BIT-PHP-2021-21707 Special characters break path parsing in XML functions

In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexmlloadfile, URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the...

Ubuntu 16.04 ESM : PHP vulnerabilities (USN-5300-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5300-1 advisory. It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. CVE-2015-9253,...

PHP 5.0.0 simplexml_load_file() Denial Of Service

...

PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service

...

PHP 5.0.0 - 'simplexml_load_file()' Local Denial of Service

Exploit for php platform in category dos / poc 0day.today 2018-02-02...

PHP 5.0.0 - simplexml_load_file() Local Denial of Service

PHP 5.0.0 - simplexmlloadfile Local Denial of Service...

Manx 1.0.1 Directory Traversal

Manx cms.xml 1.0.1 simplexmlloadfile Directory Traversal Vulnerability Vendor: Paul Jova Product web page: http://manx.jovascript.com Affected version: 1.0.1 Summary: Manx is a Content Management System that uses xml text files to store the page contents, instead of a mysql database. Desc: Input...