This is a simple set of things to grep for that will help identify potential vulnerabilities in PHP code.
8700fa18f507e86dc84f2e92e04b5abdb40ce92fcbade4663491cd4222cd6069Symantec Web Gateway versions 5.2.2 and below suffer from an OS command injection vulnerability in new_whitelist.php.
cdd7d3fa2ce47af05afd30d9d1babc8da234a3d22e201c7e7cdf0cff0bfcaed3The Atlassian HipChat plugin for various products leaks the secret key it uses to communicate with a linked HipChat instance.
345b646185427493eb236fd026b44691cfbcfec6cebe1f1fb55177bfcea28fd7Gentoo Linux Security Advisory 201610-1 - Groovy is vulnerable to a remote execution of arbitrary code when java serialization is used. Versions less than 2.4.5 are affected.
c05aa1be21d3af2d387c9ec0850685c07159f109df4242b85beb4fb7a4777256Debian Linux Security Advisory 3688-1 - Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project.
b93966cf45b459b94721e41f799657ce1d921ea91d32c39e7fe841f2d97f11e7Gentoo Linux Security Advisory 201610-2 - Multiple vulnerabilities have been found in Apache, the worst of which could allow HTTP request smuggling attacks or a Denial of Service condition. Versions less than 2.4.23 are affected.
f52938e600b9ac39ca2ead14c607d873649a2281cb33d93efd4e5d0973d35bafRed Hat Security Advisory 2016-2036-01 - Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant messaging system that is tailored for use in mission critical applications. Red Hat JBoss A-MQ 6.3 is a minor product release that updates Red Hat JBoss A-MQ 6.2.1, and includes several bug fixes and enhancements.
8cd86d79430eaadf742abab2ced8d9fbde2fbc11d3d9b054c93757686c935292Red Hat Security Advisory 2016-2035-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss Fuse 6.3 is a minor product release that updates Red Hat JBoss Fuse 6.2.1, and includes several bug fixes and enhancements.
783d844b4a979957118ea3b2ddd3e8f2ab6d7c6074b85f24619161724330d970Debian Linux Security Advisory 3687-1 - Two vulnerabilities were reported in NSPR, a library to abstract over operating system interfaces developed by the Mozilla project.
dd09b07b2fad2cfbb96e59973b2597efe6ff844ab8ccc35dc331c34b3b329e63Billion Router 7700NR4 remote root command execution exploit.
472a30c55440464665f57052e169657facadf4c278f360ad2dc798afbf93b7f1Just Dial Clone Script suffers from a remote SQL injection vulnerability.
e62fc9ebf3b5e13fc2675a83ba7b26998456e22588d2c780e17c87e7486c054bMLM Unilevel Plan Script version 1.0.2 suffers from a remote SQL injection vulnerability.
3af795917f8846d53d53551a7c9af0f71f0f2b8e84008d7440e77d05eebaf7edB2B Portal Script suffers from a remote blind SQL injection vulnerability.
9211d7ec45e2b7a55a6558befca9644b6bcacb85e986cab9be7947d448c48df4Comodo Chromodo Browser suffers from an unquoted service path privilege escalation vulnerability.
e2717c45c4ad2cf8ba14c81ac09a79c25d53c3e3ee168b8a49a4a25d6b2b0f0dAdvance MLM Script suffers from a remote SQL injection vulnerability.
3e9e0c719de1264b150212c4fd5e5ab25009fef2d2f68ed60289b404f6737b13Witbe suffers from a remote code execution vulnerability.
152983efd6ee581a9292a5bf8f2f3dad6de884fc0de98aa0e13c881d8a0f5fd2Comodo Dragon Browser suffers from an unquoted service path privilege escalation vulnerability.
6d3836164e10aa02613b8ae07dab35dadd402d06ce8138ef206e090254cfc97bPHP Classifieds Rental Script suffers from a remote blind SQL injection vulnerability.
c2e1d56cf10905f51c3ec7e75c229bd50b25e03d62453e0cc1068bdcbaf2fe9ePacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
9e061ed17efdb50148d7006eb9cc9818873b211259976e1218683213783f45fcThe Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
027e9df7d5290efc94a8d152d0c0800ad8bb4c8929a5c4ff245a380a9ae34cb1VX Search Enterprise version 9.0.26 suffers from a buffer overflow vulnerability.
867ae236d878c197b6bdf419632e0b68b06f49bdf2aadbd977e51c73aff7abeeSync Breeze Enterprise version 8.9.24 suffers from a buffer overflow vulnerability.
38d3fa8568c6ee24fd40cbe26e5bb66231f1e57b682e550124cfbd43406cb6c2Dup Scout Enterprise version 9.0.28 suffers from a buffer overflow vulnerability.
300194d3c61248185cfc4f21a96ab39f152a2dc471cc3a4a86663efc3adeeccbDisk Sorter Enterprise version 9.0.24 suffers from a buffer overflow vulnerability.
70384b935857a19306f206156c910c20c8b74cc77b5b663194109f2c7d4896e6Disk Savvy Enterprise version 9.0.32 suffers from a buffer overflow vulnerability.
b776ae0fef71eab7680933bc0a2b89a7b301f1f9dad6dde299a90095a65fec3d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed