Lucene search
K

96 matches found

Exploit DB
Exploit DB
added 2008/06/20 12:0 a.m.39 views

FireAnt 1.3 - 'index.php' Local File Inclusion

Name : FireAnt v1.3 Local File Inclusion Vulnerability Author : cOndemned Dork : use Your brain : Greetz : ZaBeaTy, str0ke, GregStar, irk4z, Sandtalker & Avantura ; Source : // index.php 8. $page = "buglist"; //default page 9. if !empty$GET'page' 10. $page = striptags$GET'page'; 99. if...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.46 views

Debian Security Advisory DSA 531-1 (php4)

The remote host is missing an update to php4 announced via advisory DSA 531-1. OpenVAS Vulnerability Test $Id: deb5311.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 531-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

6.8CVSS0.7AI score0.54856EPSS
Exploits4
Packet Storm
Packet Storm
added 2007/04/19 12:0 a.m.26 views

shoutpro-pwn.txt

?php echo "\n"; echo " Special Greetings To - Timq,Warpboy,The-Maggot \n"; echo "\n\n\n"; //Writes Files - Under 100 bytes to meet requireme...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/04/17 12:0 a.m.24 views

ls-exec.txt

Special Greetings To - Timq,Warpboy,The-Maggot File: index.php Affects: LS simple guestbook v1 Date: 15th April 2007 Issue Description: =========================================================================== LS simple guestbook fails to sanitize user input that it writes to the posts.txt file...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/04/17 12:0 a.m.35 views

ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit

Exploit for unknown platform in category web applications =========================================================== ShoutPro ?php echo "...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.36 views

php < 4.3.8

The remote host is running a version of PHP 4.3 which is older or equal to 4.3.7. There is a bug in the remote version of this software which may allow an attacker to execute arbitrary code on the remote host if the option memorylimit is set. Another bug in the function striptags may allow an...

5.1CVSS7.2AI score0.54856EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.43 views

FreeBSD : php -- strip_tags XSS vulnerability (edf61c61-0f07-11d9-8393-000103ccf9d6)

Stefan Esser of e-matters discovered that PHP's striptags function would ignore certain characters during parsing of tags, allowing these tags to pass through. Select browsers could then parse these tags, possibly allowing cross-site scripting attacks. %NASLMINLEVEL 70300 C Tenable Network...

6.8CVSS5AI score0.45159EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.47 views

GLSA-200407-13 : PHP: Multiple security vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200407-13 PHP: Multiple security vulnerabilities Several security vulnerabilities were found and fixed in version 4.3.8 of PHP. The striptags function, used to sanitize user input, could in certain cases allow tags containing \0...

6.8CVSS6.2AI score0.54856EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2004/07/23 9:26 a.m.6 views

security flaw

The striptags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null \0 characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and...

6.8CVSS5.5AI score0.45159EPSS
Exploits3References4
Debian
Debian
added 2004/07/21 2:41 a.m.62 views

[SECURITY] [DSA 531-1] New php4 packages fix multiple vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 531-1 [email protected] http://www.debian.org/security/ Matt Zimmerman July 20th, 2004 http://www.debian.org/security/faq -...

6.8AI score
Exploits5
Slackware Linux
Slackware Linux
added 2004/07/20 11:21 p.m.50 views

PHP

New PHP packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix security issues memorylimit handling and a problem in the striptags function. Sites using PHP should upgrade. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database:...

6.8CVSS6.5AI score0.54856EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2004/07/19 8:42 p.m.66 views

Important: Red Hat Security Advisory: php security update

Updated php packages that fix various security issues are now available. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. Stefan Esser discovered a flaw when memorylimit is enabled in versions of PHP 4 before 4.3.8. If a remote attacker could force the PHP...

6.8CVSS6AI score0.54856EPSS
Exploits4References2
RedHat Linux
RedHat Linux
added 2004/07/19 3:24 p.m.49 views

Important: Red Hat Security Advisory: php security update

Updated php packages that fix various security issues are now available. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. Stefan Esser discovered a flaw when memorylimit configuration setting is enabled in versions of PHP 4 before 4.3.8. If a remote attacker...

6.8CVSS6.3AI score0.54856EPSS
Exploits4References2
securityvulns
securityvulns
added 2004/07/14 12:0 a.m.50 views

[Full-Disclosure] Advisory 12/2004: PHP strip_tags&#40;&#41; bypass vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: PHP striptags bypass vulnerability Release Date: 2004/07/14 Last Modified: 2004/07/14 Author: Stefan Esser [email protected] Application: PHP = 4.3.7 PHP5 = 5.0.0RC3 Severity: A bina...

6.8CVSS5.8AI score0.45159EPSS
Exploits3
exploitpack
exploitpack
added 2004/07/14 12:0 a.m.14 views

PHP 4.x5.0 - Strip_Tags() Function Bypass

PHP 4.x5.0 - StripTags Function Bypass source: https://www.securityfocus.com/bid/10724/info It is reported that it is possible to bypass PHPs striptags function. It is reported that under certain circumstances, PHPs striptags function will improperly leave malformed tags in place. This...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2004/07/07 12:0 a.m.42 views

php -- strip_tags cross-site scripting vulnerability

Stefan Esser of e-matters discovered that PHP's striptags function would ignore certain characters during parsing of tags, allowing these tags to pass through. Select browsers could then parse these tags, possibly allowing cross-site scripting attacks...

6.8CVSS6AI score0.45159EPSS
Exploits3References2
Rows per page
Query Builder