Month Of PHP Security - Xinha WYSIWYG Plugin Configuration Injection Vulnerability. Versions 0.96 Beta 2 and below are affected.
c66014e0c6768bd3c9c1aa70a314d4064c4c0468b8bf98545b2f42a206c4e70bMonth Of PHP Security - EFront ask_chat chatrooms_ID SQL Injection Vulnerability. Versions 3.6.2 and below are affected.
bd70db2bcd76336b6a4f5c231f16033f042aefde8dc98f8e10731ab10ccba7c9Month Of PHP Security - PHP preg_quote() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
e515968ea6988e8d0807efab6970363eaf0993abc5894542f5986b54ff16775aMonth Of PHP Security - PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
2907e511f86cca7358b45fea35061b6efab3d3f08dabede076d55e375e76e680Month Of PHP Security - PHP ZEND_SR Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
5b99778ede255d29c72816503ca902ab9c5dd9959bcb79a46e5a309a31cfa132Month Of PHP Security - PHP ZEND_BW_XOR Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
ee2f34c9c80af2c8f60fb317ecffe89f45b2e012058e8906eeac7a6b4ecb2e11Month Of PHP Security - DeluxeBB newthread SQL Injection Vulnerability. Versions 1.3 and below are affected.
d69337c26c2a6c3970dd5fd8963e5d44313915ca5b8cedf37d5ab51d48d75d52Month Of PHP Security - PHP html_entity_decode() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
05d20cc7a50287ac2532f5c71d9fe20888f9ec171855cca57c63e139215aaefaMonth Of PHP Security - PHP shm_put_var() Already Freed Resource Access Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
c9357ce50f070bf1ad0f6cfd9433075d4b5babdaae0bd5ec73aa09d6988c02b1Month Of PHP Security - ClanTiger Shoutbox Module s_email SQL Injection Vulnerability. Versions 1.1.3 and below are affected.
dc8610d2eb0a74d5b32a73aacf834c6a4c5684800a218ec20badd5811c8f3a2aMonth Of PHP Security - PHP chunk_split() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
15a97cc60de3d9bc83c68252758420e3b9bd58a88fb8e784c48c80f6b6eb5f33Month Of PHP Security - PHP addcslashes() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
f6746f43dfc72d30fc8e08e9f054b30111e25a63d28fcbb7a542dcf629c5ac63Month Of PHP Security - ClanSphere MySQL Driver Generic SQL Injection Vulnerability. Versions 2009.0.3 and below are affected.
748214c939564743d8a2aae546501f0ee10f6ef4c65c98ba8ef12e643b1ce952Month Of PHP Security - PHP dechunk Filter Signed Comparison Vulnerability. PHP versions 5.3 through 5.3.2 are affected.
f72ac91b2a0964283b5872aa6b09b5112ec8564b4c6d008c0ed1e51f3c575eddMonth Of PHP Security - ClanSphere Captcha Generator Blind SQL Injection Vulnerability. Versions 2009.0.3 and below are affected.
b5f7e1131958cc781e0958bf42fcdf75d5384cc31a59c5d247dc9f5cb260ce25Month Of PHP Security - PHP hash_update_file() Already Freed Resource Access Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
f117a9d1c4ad0a4fd3f7c64c2aedb1da11a377360cd3fe1e6ac8c25fa68c39bdMonth Of PHP Security - Campsite TinyMCE Article Attachment SQL Injection Vulnerability. Campsite versions 3.3.5 and below are affected.
cac61fc7f648ff63af296e71fd6608f547e45e56f612ded64428e567be187b46MyBB versions 1.4.11 and below suffer from a password reset weak random number vulnerability.
76401bf313ed59fd28899756d38cace82dd2d12586e3c58956850da0f8a12cc1MyBB versions 1.4.11 and below suffer from a password reset vulnerability.
eebecf174ba3f29f1d553d050fbff4e47f7d1b2b733b9981a342465b41506447It was discovered that Piwik versions 0.4.5 and below unserialize data from the user supplied cookie. By unserializing some of Piwik's objects it is possible to write arbitrary files to writable locations on the webserver which can be used to upload e.g. PHP files to writable directories within the webserver's document root which usually exist in a standard Piwik installation. In newer versions of Piwik it is also possible to execute arbitrary PHP code directly.
a00c0312ce8b82b8cd2813df0c76f936110fcb0c4c828532db7a31e0622117d2PHPIDS versions 0.6.2 and below unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized can utilize existing classes which e.g. can lead to upload of arbitrary files or execution of arbitrary PHP code in Zend Framework Applications.
2b8975c5803e603dad1a6004fc5744a745207c5abcd0dc71d48308c12e249650This Metasploit module exploits an integer overflow vulnerability in the unserialize() function of the PHP web server extension.
436f0bc029967671da472d8ca912c40b8636846cfd3d8f81e3a0fd1d8a030e1fHorde Application Framework versions 3.2.4 and below suffer from a Horde_Form_Type_image arbitrary file overwrite vulnerability.
6b36254b02daaded256bbf6076bafdff753a55113f60cdbc47ec7d1dfe52ffb0Whitepaper called State Of The Art Post Exploitation In Hardened PHP Environments.
7928c94b9af3be5e10b1f29f0a78a75c860ab2291068409148ffbbe3e6f3808fPHP versions 5.2.6 and below suffer from a directory traversal vulnerability in ZipArchive::extractTo().
eef814d8f1daf79eb48fd58c0722cd5768082f124ee55a347e0683274424e5eb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed