exploit the possibilities
Showing 1 - 6 of 6 RSS Feed

CVE-2018-10547

Status Candidate

Overview

An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.

Related Files

Red Hat Security Advisory 2020-1112-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1112-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, php, xss
systems | linux, redhat
advisories | CVE-2018-10547, CVE-2018-5712, CVE-2018-7584, CVE-2019-9024
MD5 | 2338e48855ba82f7c68e6c201ba27ab5
Red Hat Security Advisory 2019-2519-01
Posted Aug 19, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2519-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow, bypass, cross site scripting, denial of service, information leakage, and null pointer vulnerabilities.

tags | advisory, web, denial of service, overflow, php, vulnerability, xss
systems | linux, redhat
advisories | CVE-2016-10166, CVE-2017-12932, CVE-2017-16642, CVE-2017-9118, CVE-2017-9120, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-14851, CVE-2018-14884, CVE-2018-17082, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022
MD5 | 78b5fcb3a3c8f8ee710500de6377153e
Debian Security Advisory 4240-1
Posted Jul 5, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4240-1 - Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-7584
MD5 | eaff28711d8000b812023696350c581c
Slackware Security Advisory - php Updates
Posted May 17, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549
MD5 | a8f21befcaeda522f47af64b6d0c5282
Ubuntu Security Notice USN-3646-2
Posted May 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3646-2 - USN-3646-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain sensitive information from another user's PHP applications. Various other issues were also addressed.

tags | advisory, local, php
systems | linux, ubuntu
advisories | CVE-2018-10545, CVE-2018-10547, CVE-2018-10548
MD5 | ae0a82d9affb22e21c4f389ad7789281
Ubuntu Security Notice USN-3646-1
Posted May 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3646-1 - It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibly use this issue to obtain sensitive information from another user's PHP applications. It was discovered that the PHP iconv stream filter incorrect handled certain invalid multibyte sequences. A remote attacker could possibly use this issue to cause PHP to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, local, php
systems | linux, ubuntu
advisories | CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549
MD5 | 671fb2061c1fff15655f741886b1e10a
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close