Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Denial Of Service (DoS) Or Directory Traversal

🗓️ 02 May 2019 04:42:12Reported by Veracode Vulnerability DatabaseType 
veracode
 veracode🔗 sca.analysiscenter.veracode.com👁 40 Views

PHP XSL extension file writing capability allows arbitrary file creation and overwrite. File upload request validation flaw leads to directory traversal attack. PHP interpreter may trigger internal server error. Memory leak and zend_strndup() function flaw increase the risk of application crashes

Related
Detection
Refs
ReporterTitlePublishedViews
Family
0day.today		PHP 5.3.8 Multiple Vulnerabilities
14 Jan 201200:00
zdt
0day.today		PHP CGI Argument Injection
5 May 201200:00
zdt
0day.today		PHP CGI Argument Injection Exploit
5 May 201200:00
zdt
0day.today		PHP CGI Argument Injection Remote Exploit (PHP Version)
20 May 201200:00
zdt
0day.today		Plesk Apache Zeroday Remote Exploit
6 Jun 201300:00
zdt
0day.today		Apache Magicka Remote Code Execution Vulnerability
31 Oct 201300:00
zdt
GithubExploit		Exploit for OS Command Injection in Php
8 Jun 202406:36
githubexploit
GithubExploit		Exploit for OS Command Injection in Php
11 Jun 202415:11
githubexploit
GithubExploit		Exploit for OS Command Injection in Php
12 Jun 202411:50
githubexploit
GithubExploit		Exploit for OS Command Injection in Php
30 Dec 202517:49
githubexploit
Rows per page
Vulners
Node
phpphpMatch5.1.6_34.el5_8
OR
phpphpMatch5.1.6_20.el5
OR
phpphpMatch5.1.6_20.el5_2.1
OR
phpphpMatch5.1.6_27.el5
OR
phpphpMatch5.1.6_23.2.el5_3
OR
phpphpMatch5.1.6_27.el5_5.3
OR
phpphpMatch5.1.6_24.el5_4.5
OR
phpphpMatch5.1.6_27.el5_7.5
OR
phpphpMatch5.1.6_5.el5
OR
phpphpMatch5.1.6_12.el5
OR
phpphpMatch5.1.6_15.el5
OR
phpphpMatch5.1.6_23.el5
OR
phpphpMatch5.1.6_7.el5
OR
phpphpMatch5.1.6_11.el5
OR
phpphpMatch5.1.6_27.el5_7.4
OR
phpphpMatch5.1.6_32.el5
OR
phpphpMatch5.3.3_3.el6_1.3
OR
phpphpMatch5.3.3_3.el6_2.6
OR
phpphpMatch5.3.3_3.el6_2.5
OR
phpphpMatch5.3.3_3.el6_2.8
OR
phpphpMatch5.3.3_3.el6
OR
phpphpMatch5.3.2_6.el6
OR
phpphpMatch5.3.2_6.el6_0.1
OR
php53php53Match5.3.3_1.el5_7.5
OR
php53php53Match5.3.3_1.el5_7.3
OR
php53php53Match5.3.3_1.el5_6.1
OR
php53php53Match5.3.3_1.el5
OR
php53php53Match5.3.3_1.el5_7.6
OR
php53php53Match5.3.3_5.el5
OR
php53php53Match5.3.3_7.el5_8

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
19 Apr 2022 18:13Current
6.3Medium risk
Vulners AI Score6.3
CVSS 27.5
CVSS 3.19.8
EPSS0.99998
phpxsl extensionfile writingdirectory traversalfile uploadvalidationinterpreterinternal server errormemory leakapplication crashes
40