Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
EasyphpWebserver

4 matches found

CVE
CVEadded 2024/11/14 1:37 p.m.50 views

CVE-2024-11215

CVE-2024-11215 affects EasyPHP Webserver v14.1 and is an absolute path traversal vulnerability. The issue allows bypassing SecurityManager restrictions to retrieve arbitrary files by sending a request containing consecutive strings ‘/...%5c’. Related sources describe the vulnerability as a path t...

6.5CVSS6.4AI score0.00148EPSS
CVE
CVEadded 2023/09/26 7:51 a.m.36 views

CVE-2023-3767

CVE-2023-3767 affects EasyPHP Webserver v14.1. An OS command injection flaw exists in the /index.php?zone=settings handler that an attacker can exploit to gain full system access. The root cause is improper handling of the settings parameter allowing arbitrary command execution. Documented impact...

9.8CVSS9.7AI score0.00787EPSS
CVE
CVEadded 2025/12/18 7:53 p.m.8 views

CVE-2023-53944

EasyPHP Webserver 14.1 is affected by a path traversal vulnerability (CVE-2023-53944) that allows remote low-privilege users to read files outside the document root by bypassing SecurityManager. The documented payload involves crafted GET requests with encoded directory traversal sequences such a...

7.1CVSS6.5AI score0.00183EPSS
CVE
CVEadded 2025/12/18 7:53 p.m.7 views

CVE-2023-53941

CVE-2023-53941 describes an OS command injection in EasyPHP Webserver 14.1. An unauthenticated attacker can trigger remote code execution by crafting the app_service_control payload and sending a POST to /index.php?zone=settings, leading to commands executed with administrative privileges. The CV...

9.8CVSS8AI score0.70779EPSS