Twenty Year Anniversary
Showing 1 - 25 of 4,714 RSS Feed

PHP Files

OCS Inventory NG Webconsole Shell Upload
Posted Aug 6, 2018
Authored by Simon Uvarov

OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.

tags | exploit, php, file upload
advisories | CVE-2018-14857
MD5 | f671f8d4d1775a87dfdb4e245c86573a
Debian Security Advisory 4262-1
Posted Aug 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4262-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service.

tags | advisory, denial of service, php, vulnerability, info disclosure, csrf
systems | linux, debian
advisories | CVE-2016-2403, CVE-2017-1665, CVE-2017-16653, CVE-2017-16654, CVE-2017-16790, CVE-2018-11385, CVE-2018-11386, CVE-2018-11406
MD5 | 9d90561cb123024abe81fc4647a6aff3
PHP Template Store Script 3.0.6 Cross Site Scripting
Posted Aug 3, 2018
Authored by Sarafraz Khan

PHP Template Store Script version 3.0.6 suffers from persistent cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
advisories | CVE-2018-14869
MD5 | 955dd57ab80d69477021cb73445e4ecf
HRSale 1.0.6 Local File Disclosure
Posted Jul 31, 2018
Authored by ShanoWeb

HRSale HR Management PHP script version 1.0.6 suffers from a local file disclosure vulnerability.

tags | exploit, local, php, info disclosure
MD5 | 7359826a28a3b8ffd79965cd3b39d5bf
MicroFocus Secure Messaging Gateway Remote Code Execution
Posted Jul 31, 2018
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits a SQL injection and command injection vulnerability in MicroFocus Secure Messaging Gateway. An unauthenticated user can execute a terminal command under the context of the web user. One of the user supplied parameters of API endpoint is used by the application without input validation and/or parameter binding, which leads to SQL injection vulnerability. Successfully exploiting this vulnerability gives a ability to add new user onto system. manage_domains_dkim_keygen_request.php endpoint is responsible for executing an operation system command. It's not possible to access this endpoint without having a valid session. Combining these vulnerabilities gives the opportunity execute operation system commands under the context of the web user.

tags | exploit, web, php, vulnerability, sql injection
advisories | CVE-2018-12464, CVE-2018-12465
MD5 | e1ed8b7a67ea6ddd018934d8c751a6d1
Vtiger CRM 6.3.0 Authenticated Logo Upload Remote Command Execution
Posted Jul 30, 2018
Authored by Benjamin Daniel Mussler, Touhid M.Shaikh | Site metasploit.com

Vtiger version 6.3.0 CRM's administration interface allows for the upload of a company logo. Instead of uploading an image, an attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against vTiger CRM version 6.3.0.

tags | exploit, php
advisories | CVE-2015-6000, CVE-2016-1713
MD5 | 72429cacd6f8d8507d950f72f13a44cd
Super CMS Blog Pro PHP Script 1.0 Cross Site Scripting
Posted Jul 28, 2018
Authored by Guia Brahim Fouad

Super CMS Blog Pro PHP Script version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 65c8fcb0181b7cc5639b9ffd8ad8014c
Super CMS Blog Pro PHP Script 1.0 SQL Injection / Shell Upload
Posted Jul 27, 2018
Authored by ShanoWeb

Super CMS Blog Pro PHP Script version 1.0 suffers from shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, php, vulnerability, sql injection
MD5 | 4d4af76da07a9471a1cd3679240ce824
NUUO NVRmini upgrade_handle.php Remote Command Execution
Posted Jul 24, 2018
Authored by Berk Dusunur

NUUO NVRmini suffers from a remote command execution vulnerability in upgrade_handle.php.

tags | exploit, remote, php
MD5 | 929ca4e4e4ddf2ac4f48d2373e20ba9b
Slackware Security Advisory - php Updates
Posted Jul 23, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
MD5 | 16dbf231d102e07198b15fae7baa2d9d
CMS Made Simple 2.2.5 Authenticated Remote Command Execution
Posted Jul 19, 2018
Authored by Jacob Robles, Mustafa Hasen | Site metasploit.com

CMS Made Simple version 2.2.5 allows an authenticated administrator to upload a file and rename it to have a .php extension. The file can then be executed by opening the URL of the file in the /uploads/ directory.

tags | exploit, php
advisories | CVE-2018-1000094
MD5 | 1cbcf8ed9ea5ef18b9981873d99697eb
phpMyAdmin Authenticated Remote Code Execution
Posted Jul 12, 2018
Authored by Jacob Robles, ChaMd5, Henry Huang | Site metasploit.com

phpMyAdmin v4.8.0 and v4.8.1 are vulnerable to local file inclusion, which can be exploited post-authentication to execute PHP code by application. The module has been tested with phpMyAdmin v4.8.1.

tags | exploit, local, php, file inclusion
advisories | CVE-2018-12613
MD5 | 8806abb9a5685ea849d530a130566416
Monstra CMS Authenticated Arbitrary File Upload
Posted Jul 11, 2018
Authored by Touhid M.Shaikh, Ishaq Mohammed | Site metasploit.com

Monstra CMS 3.0.4 allows users to upload arbitrary files which leads to remote command execution on the remote server. An attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against Monstra CMS 3.0.4.

tags | exploit, remote, arbitrary, php
advisories | CVE-2017-18048
MD5 | 7dbdf348dbb60d19f6dfcb69ab4f25d5
GitList 0.6.0 Argument Injection
Posted Jul 7, 2018
Authored by Kacper Szurek, Shelby Pace | Site metasploit.com

This Metasploit module exploits an argument injection vulnerability in GitList version 0.6.0. The vulnerability arises from GitList improperly validating input using the php function 'escapeshellarg'.

tags | exploit, php
MD5 | a1733d5d120783b5373e9c89db24e4a6
Debian Security Advisory 4240-1
Posted Jul 5, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4240-1 - Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-7584
MD5 | eaff28711d8000b812023696350c581c
Ubuntu Security Notice USN-3702-2
Posted Jul 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3702-2 - USN-3702-1 fixed a vulnerability in PHP. PHP 7.2.7 did not actually include the fix for CVE-2018-12882. This update adds a backported patch to correct the issue. It was discovered that PHP incorrectly handled exif tags in certain images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2018-12882
MD5 | 8fe6d115b16c29298453c43df9af9f61
Ubuntu Security Notice USN-3702-1
Posted Jul 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3702-1 - It was discovered that PHP incorrectly handled exif tags in certain images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2018-12882
MD5 | 91cf13f6abb86654377d8a466daabf9a
Dolibarr ERP CRM 7.0.3 Code Injection
Posted Jul 2, 2018
Authored by om3rcitak

Dolibarr ERP CRM versions 7.0.3 and below suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php
MD5 | c3c0b8993ddf32695f9afefe4a832269
Nagios XI Chained Remote Code Execution
Posted Jun 29, 2018
Authored by Benny Husted, Cale Smith, Jared Arave | Site metasploit.com

This Metasploit module exploits a few different vulnerabilities in Nagios XI 5.2.6-5.4.12 to gain remote root access. The steps are: 1. Issue a POST request to /nagiosql/admin/settings.php which sets the database user to root. 2. SQLi on /nagiosql/admin/helpedit.php allows us to enumerate API keys. 3. The API keys are then used to add an administrative user. 4. An authenticated session is established with the newly added user 5. Command Injection on /nagiosxi/backend/index.php allows us to execute the payload with nopasswd sudo, giving us a root shell. 6. Remove the added admin user and reset the database user.

tags | exploit, remote, shell, root, php, vulnerability
advisories | CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736
MD5 | f275b1da0c15a7e7e5fae8036578d5d8
Quest KACE Systems Management Command Injection
Posted Jun 26, 2018
Authored by Brendan Coles, Leandro Barragan, Guido Leo | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Quest KACE Systems Management Appliance version 8.0.318 (and possibly prior). The download_agent_installer.php file allows unauthenticated users to execute arbitrary commands as the web server user www. A valid Organization ID is required. The default value is 1. A valid Windows agent version number must also be provided. If file sharing is enabled, the agent versions are available within the \\kace.local\client\agent_provisioning\windows_platform Samba share. Additionally, various agent versions are listed on the KACE website. This Metasploit module has been tested successfully on Quest KACE Systems Management Appliance K1000 version 8.0 (Build 8.0.318).

tags | exploit, web, arbitrary, local, php
systems | windows
advisories | CVE-2018-11138
MD5 | 48ba6b06f4b01737a61a9c63d90ba594
phpMyAdmin 4.x Remote Code Execution
Posted Jun 18, 2018
Authored by Matteo Cantoni, Cure53, Michal AihaA | Site metasploit.com

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.

tags | exploit, remote, arbitrary, php
advisories | CVE-2016-5734
MD5 | 40f298aed179561d60e3ea947664bb79
Debian Security Advisory 4228-1
Posted Jun 14, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4228-1 - Several vulnerabilities were found in SPIP, a website engine for publishing, resulting in cross-site scripting and PHP injection.

tags | advisory, php, vulnerability, xss
systems | linux, debian
advisories | CVE-2017-15736
MD5 | 34b2e7462bfa056a0c19bbce40b04c29
Event Manager Admin Panel events_new.php SQL Injection
Posted Jun 11, 2018
Authored by telahdihapus

The Event Manager PHP Script admin panel suffers from a remote SQL injection vulnerability in events_new.php.

tags | exploit, remote, php, sql injection
MD5 | 83fb888284b894e89bd607800355654e
PHP 7.22 php_stream_url_wrap_http_ex Buffer Overflow
Posted Jun 6, 2018
Authored by Wei Lei, Liu Yang

PHP version 7.2.2 contains a memory corruption bug while parsing malformed HTTP response packets.

tags | exploit, web, overflow, php
advisories | CVE-2018-7584
MD5 | 94cfa36bfbcf163bb9036ca89791986f
PHP Dashboards NEW 5.5 SQL Injection
Posted May 31, 2018
Authored by Kagan Capar

PHP Dashboards NEW version 5.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | d00ae116d2bf4184267f84bedd816657
Page 1 of 189
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    4 Files
  • 15
    Aug 15th
    23 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close