1702 matches found
PHP Code Injection
phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...
Padding Oracle Vulnerability in RSA Encryption
Hi, https://github.com/pagarme/pagarme-php/blob/master/lib/Pagarme/CardHashCommon.php This class has a confusing name. CardHash implies a cryptographic hash e.g. SHA256 is being used, but you're encrypting with RSA. Interestingly, you're not specifying the padding client-side, so you're encryptin...
PHPMemcachedAdmin Path Traversal vulnerability
More info at https://nvd.nist.gov/vuln/detail/CVE-2023-6026...
PHP Code Injection
phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...
Mautic core - Highly Critical - XSS vulnerability leveraged through referrers could allow un-authorized admin access
More info at https://www.mautic.org/blog/community/security-release-all-versions-mautic-prior-2-16-5-and-3-2-4...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
Cross-site scripting (XSS) vulnerability in Paypal-Merchant-SDK-PHP
Hello: I have find a Reflected XSS vulnerability in this sdk. The vulnerability exists due to insufficient filtration of user-supplied data in “token” HTTP GET parameter that will be passed to “merchant-sdk-php\samples\AccountAuthentication\GetAuthDetails.html.php”. The infected source code is li...
Code injection vulnerability in allSelectors()
More info at https://packetstormsecurity.com/files/cve/CVE-2020-13756...
Deserialization of Untrusted Data
Description This affects the package codeception/codeception from 4.0.0 before 4.1.22 and before 3.1.3. The RunProcess class can be leveraged as a gadget to run arbitrary commands on a system that is deserializing user input without validation. References...
Padding Oracle Vulnerability in RSA Encryption
See https://framework.zend.com/security/advisory/ZF2015-10 it's essentially the same vulnerability The text was updated successfully, but these errors were encountered: All reactions...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
PHP Code Injection
phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...
Authentication bypass via attacker provided openid server
Description Impact The outdated version 1 of the Steam Socialite Provider doesn't check properly if the login comes from steamcommunity.com, allowing a malicious actor to substitute their own openID server. Patches This vulnerability only affects the outdated v1.x versions of the package. These a...
Remote Code Execution via Chosen-Ciphertext Attack
framework/src/Titon/Crypto/OpenSslCipher.hh Lines 30 to 39 in cbf4472 public function decryptstring $payload: mixed $payload = $this-decodePayload$payload; $method = $this-getMethod; $value = openssldecrypthex2bin$payload'data', $method, $this-getKey, OPENSSLRAWDATA, hex2bin$payload'iv'; if $valu...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
PHP Code Injection
phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...
Prevent installation typosquatting malware
More info at https://www.kernelmode.blog/typosquatting-malware-found-in-composer-repository/...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
Drupal core - Moderately critical - Third-party library - SA-CORE-2020-001
More info at https://www.drupal.org/sa-core-2020-001...
CVE-2026-45064: HtmlSanitizer URL Attributes Pass Through BiDi Override Characters → Visual href Spoofing
More info at https://symfony.com/cve-2026-45064...
CVE-2026-48760: HtmlSanitizer URL Parser Deny Gates Underinclusive: Percent-Encoded BiDi Marks and Unicode Whitespace Bypass Visual-Spoofing Defense
More info at https://symfony.com/cve-2026-48760...
Padding Oracle Vulnerability in RSA Encryption
See https://framework.zend.com/security/advisory/ZF2015-10 it's essentially the same vulnerability...
Deserialization of Untrusted Data
This affects the package codeception/codeception from 4.0.0 before 4.1.22 and before 3.1.3. The RunProcess class can be leveraged as a gadget to run arbitrary commands on a system that is deserializing user input without validation...
PHP Code Injection
phpWhois PHP Code Injection Vulnerability Overview phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute...
PHP file inclusion via insert tags
More info at https://contao.org/en/security-advisories/php-file-inclusion-via-insert-tags.html...
Privilege escalation with the form generator
More info at https://contao.org/en/security-advisories/privilege-escalation-with-the-form-generator.html...
Insert tag injection in front end forms
More info at https://contao.org/en/security-advisories/insert-tag-injection-in-forms.html...
Existing sessions are not correctly invalidated when a user changes their password
More info at https://contao.org/en/news/security-vulnerability-cve-2019-10641.html...
SQL injection vulnerabililty in the file manager search filter
More info at https://contao.org/en/news/security-vulnerability-cve-2019-11512.html...
Information disclosure in the back end
More info at https://contao.org/en/security-advisories/information-disclosure-in-the-back-end.html...
PHP Code Injection
phpWhois PHP Code Injection Vulnerability Overview phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute...
Unrestricted file uploads
More info at https://contao.org/en/security-advisories/unrestricted-file-uploads.html...
Cross-site scripting (XSS) vulnerability in the system log
More info at https://contao.org/en/security-advisories/cross-site-scripting-in-the-system-log-2021.html...
Cross site scripting via HTML attributes in the back end
More info at https://contao.org/en/security-advisories/cross-site-scripting-via-html-attributes-in-the-back-end.html...
Anonymous Open Redirect - Moderately Critical - Open Redirect
More info at https://www.drupal.org/sa-core-2018-006...
CVE-2026-45304: YAML Parser Exponential Memory Allocation via Recursive Collection-Alias Expansion ("Billion Laughs")
More info at https://symfony.com/cve-2026-45304...
CVE-2026-45133: YAML Parser Stack Exhaustion via Unbounded Recursion in Nested Blocks, Sequences, and Mappings
More info at https://symfony.com/cve-2026-45133...
CVE-2026-45305: YAML Parser ReDoS via Catastrophic Backtracking in Parser::cleanup() Regex
More info at https://symfony.com/cve-2026-45305...
CVE-2026-45072: Stored XSS in WebProfiler CodeExtension::fileExcerpt(): Unescaped Non-PHP File Rendering
More info at https://symfony.com/cve-2026-45072...
CVE-2026-45753: HtmlSanitizer UrlAttributeSanitizer Omits action/formaction/poster/cite: javascript: URI Survives Sanitization (XSS)
More info at https://symfony.com/cve-2026-45753...
CVE-2026-45755: Mailtrap Mailer Webhook Parser Never Verifies the X-Mt-Signature HMAC: Unauthenticated Webhook Event Injection
More info at https://symfony.com/cve-2026-45755...
CVE-2026-48489: Security Firewall Bypass via failure_forward Subrequest: Unauthenticated Access to access_control-Protected GET Routes
More info at https://symfony.com/cve-2026-48489...
CVE-2026-48736: IpUtils::PRIVATE_SUBNETS Omits IPv6 Transition Forms (6to4, NAT64, Teredo, IPv4-compatible): SSRF Bypass in NoPrivateNetworkHttpClient
More info at https://symfony.com/cve-2026-48736...
CVE-2026-48747: Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signature Algorithm Downgrade
More info at https://symfony.com/cve-2026-48747...
CVE-2026-47212: Twilio Notifier Webhook Parser Never Verifies the X-Twilio-Signature HMAC: Unauthenticated Webhook Event Injection
More info at https://symfony.com/cve-2026-47212...
CVE-2026-45756: JsonPath Evaluates Attacker-Controlled Regular Expressions in match()/search() Without Limits: ReDoS
More info at https://symfony.com/cve-2026-45756...
CVE-2026-48784: UrlGenerator Dot-Segment Encoding Skips Every Other Chained `../` or `./` → Generated URL Collapses Off-Route Under RFC 3986 Normalization
More info at https://symfony.com/cve-2026-48784...
CVE-2026-48761: HtmlSanitizer UrlAttributeSanitizer Misses URL Attributes on <object>, <applet>, <iframe>, <img> and the URL Inside <meta http-equiv="refresh"> content
More info at https://symfony.com/cve-2026-48761...
CVE-2024-51736: Command execution hijack on Windows with Process class
More info at https://symfony.com/cve-2024-51736...
CVE-2024-51996: Authentication Bypass via persisted RememberMe cookie
More info at https://symfony.com/cve-2024-51996...