151 matches found
PHP 7.0.x < 7.0.6 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.6. It is, therefore, affected by multiple vulnerabilities : - A signedness error exists in the GD Graphics library within file gdgd2.c due to improper validation of user-supplied input when handling...
CVE-2016-3078
Multiple integer overflows in phpzip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted call to 1 getFromIndex or 2 getFromName in the ZipArchive...
Internet Bug Bounty: Integer overflow in ZipArchive::getFrom*
https://bugs.php.net/bug.php?id=71923...
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow
Exploit for php platform in category remote exploits Details ======= An integer wrap may occur in PHP 7.x before version 7.0.6 when reading zip files with the getFromIndex and getFromName methods of ZipArchive, resulting in a heap overflow. php-7.0.5/ext/zip/phpzip.c ,---- | 2679 static void...
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow
PHP 7.0.5 - ZipArchive::getFrom Integer Overflow Details ======= An integer wrap may occur in PHP 7.x before version 7.0.6 when reading zip files with the getFromIndex and getFromName methods of ZipArchive, resulting in a heap overflow. php-7.0.5/ext/zip/phpzip.c ,---- | 2679 static void...
PHP 7.x Heap Overflow
Details ======= An integer wrap may occur in PHP 7.x before version 7.0.6 when reading zip files with the getFromIndex and getFromName methods of ZipArchive, resulting in a heap overflow. php-7.0.5/ext/zip/phpzip.c ,---- | 2679 static void phpzipgetfromINTERNALFUNCTIONPARAMETERS, int type / / |...
PHP ZipArchive::getFrom* Integer Overflow Vulnerability
PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.PHP ZipArchive is an extension class that comes with PHP that enables compression and decompression of ZIP files. An...
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow
Details ======= An integer wrap may occur in PHP 7.x before version 7.0.6 when reading zip files with the getFromIndex and getFromName methods of ZipArchive, resulting in a heap overflow. php-7.0.5/ext/zip/phpzip.c ,---- | 2679 static void phpzipgetfromINTERNALFUNCTIONPARAMETERS, int type / / |...
CAM UnZip 5.1 - .'ZIP' File Directory Traversal
Exploit for windows platform in category local exploits + Credits: hyp3rlinx Vendor: ================= www.camunzip.com Product: ============== CAM UnZip v5.1 Vulnerability Type: ====================== Archive Path Traversal CVE Reference: ============== N/A Vulnerability Details:...
Fedora 23 : php-pecl-zip-1.13.1-1.fc23 (2015-15273)
Upstream change, Version 1.13 update bundled libzip to 1.0.1 Remi, Anatol new methods for ZipArchive: setCompressionName, setCompressionIndex Cedric Delmas allow to build with PHP 7 Fixed bug 70350 ZipArchive::extractTo allows for directory traversal when creating directories. neal at fb dot com...
CVE-2014-9767
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/phpzip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/extzip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive...
PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference
No description provided by source...
MobileCartly 1.0 - Remote File Upload Vulnerability
No description provided by source. Exploit Title: MobileCartly 1.0 Remote File Upload Vulnerability Google Dork: - Date: 14/08/2012 Exploit Author: ICheerNo0M Vendor Homepage: http://icheernoom.blogspot.com/ Software Link: http://mobilecartly.com/mobilecartly.zip Version: 1.0 Tested on: Ubuntu...
MobileCartly 1.0 Remote File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: MobileCartly 1.0 Remote File Upload Vulnerability Google Dork: - Date: 14/08/2012 Exploit Author: ICheerNo0M Vendor Homepage: http://icheernoom.blogspot.com/ Software Link: http://mobilecartly.com/mobilecartly.zip Version: 1.0...
MobileCartly 1.0 - Arbitrary File Upload
MobileCartly 1.0 - Arbitrary File Upload Exploit Title: MobileCartly 1.0 Remote File Upload Vulnerability Google Dork: - Date: 14/08/2012 Exploit Author: ICheerNo0M Vendor Homepage: http://icheernoom.blogspot.com/ Software Link: http://mobilecartly.com/mobilecartly.zip Version: 1.0 Tested on:...
MobileCartly 1.0 - Arbitrary File Upload
Exploit Title: MobileCartly 1.0 Remote File Upload Vulnerability Google Dork: - Date: 14/08/2012 Exploit Author: ICheerNo0M Vendor Homepage: http://icheernoom.blogspot.com/ Software Link: http://mobilecartly.com/mobilecartly.zip Version: 1.0 Tested on: Ubuntu 10.10 + PHP 5.3.3 1. Vuln Code :...
Ubuntu Update for php5 USN-1231-1
Ubuntu Update for Linux kernel vulnerabilities USN-1231-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12311.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for php5 USN-1231-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : php5 vulnerabilities (USN-1231-1)
Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a stack-based buffer overflow existed in the socketconnect function's handling of long pathnames for AFUNIX sockets. A remote attacker might be able to exploit this to execute arbitrary code; however, the default compiler options...
USN-1231-1: PHP Vulnerabilities
Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a stack-based buffer overflow existed in the socketconnect function's handling of long pathnames for AFUNIX sockets. A remote attacker might be able to exploit this to execute arbitrary code; however, the default compiler options...
PHP Multiple Vulnerabilities (Sep 2011) - Windows
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...