what you don't know can hurt you
Showing 1 - 25 of 5,039 RSS Feed

PHP Files

Red Hat Security Advisory 2022-1935-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1935-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include bypass, privilege escalation, and server-side request forgery vulnerabilities.

tags | advisory, web, php, vulnerability
systems | linux, redhat
advisories | CVE-2021-21703, CVE-2021-21705
SHA-256 | 5ac37a20c66d6dd00fcf5f109c3261ba56a23ac26523e73dc2b13bec0d586020
WordPress Booking Calendar 9.1 PHP Object Injection / Insecure Deserialization
Posted Apr 27, 2022
Authored by Ramuel Gall | Site wordfence.com

WordPress Booking Calendar plugin versions 9.1 and below suffer from PHP object injection and insecure deserialization vulnerabilities.

tags | advisory, php, vulnerability
advisories | CVE-2022-1463
SHA-256 | ca383548169d539c9e3c7a8fb2058f0828391d09365e432f7376f20ec13cc507
SAP Information System 1.0.0 Missing Authorization
Posted Apr 7, 2022
Authored by Mr Empy

SAP Information System version 1.0.0 suffers from an improper authentication vulnerability that allows a malicious user to create an administrative account without needing to authenticate. The POST request is sent to the /SAP_Information_System/controllers/add_admin.php endpoint. The problem occurs due to lack of session verification in the request.

tags | exploit, php, bypass
advisories | CVE-2022-1248
SHA-256 | 81b2d35c550ef4f8db3fd0aac42c15232a707b20d75b5eeabeefd52e176de1e6
Online Sports Complex Booking System 1.0 SQL Injection
Posted Apr 6, 2022
Authored by Zllggggg

Online Sports Complex Booking System version 1.0 suffers from a remote blind SQL injection vulnerability in Users.php. This is a similar issue as the one discovered by Saud Alenazi in March of 2022 but affects a different file.

tags | exploit, remote, php, sql injection
SHA-256 | f3b7c99d8727d07603b174d479dfb42058fa680951e9988a3939e654323f2f78
Roxy File Manager 1.4.5 PHP File Upload Restriction Bypass
Posted Apr 4, 2022
Authored by Adam Shebani

Roxy File Manager version 1.4.5 proof of concept exploit for a PHP file upload restriction bypass vulnerability.

tags | exploit, php, proof of concept, bypass, file upload
advisories | CVE-2018-20525
SHA-256 | 56429affeb38a91070ee24b0aaf512970594ce033504501832983da83e9dea5a
PHP filter_var Bypass Patch
Posted Mar 29, 2022
Authored by Jordy Zomer

When the filter_var function is used in conjunction with the flags FILTER_VALIDATE_DOMAIN and FILTER_FLAG_HOSTNAME, there is a vulnerability in PHP that allows the filter to be bypassed. A patch has been included by the researcher as the PHP security team seems to have ignored this concern.

tags | advisory, php, patch, bypass
systems | unix
SHA-256 | adddea024dbdd005a547c113193969e21a6c422c65e5611f207efd46bf8ae635
ImpressCMS 1.4.2 SQL Injection / Remote Code Execution
Posted Mar 23, 2022
Authored by EgiX | Site karmainsecurity.com

ImpressCMS versions 1.4.2 and below pre-authentication SQL injection to remote code execution exploit. User input passed through the "groups" POST parameter to the /include/findusers.php script is not properly sanitized before being passed to the icms_member_Handler::getUserCountByGroupLink() and icms_member_Handler::getUsersByGroupLink() methods. These methods use the first argument to construct a SQL query without proper validation, and this can be exploited by remote attackers to e.g. read sensitive data from the "users" database table through boolean-based SQL Injection attacks. The application uses PDO as a database driver, which allows for stacked SQL queries, as such this vulnerability could be exploited to e.g. create a new admin user and execute arbitrary PHP code.

tags | exploit, remote, arbitrary, php, code execution, sql injection
advisories | CVE-2021-26598, CVE-2021-26599
SHA-256 | 576e64698cc9d7062dccead415b9bdbbe2c02e4ae86258cd980164b5e56355cc
Ubuntu Security Notice USN-5300-3
Posted Mar 7, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5300-3 - USN-5300-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 21.10. It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly obtain sensitive information. It was discovered that PHP incorrectly handled certain scripts with XML parsing functions. An attacker could possibly use this issue to obtain sensitive information.

tags | advisory, denial of service, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-8923, CVE-2017-9119, CVE-2021-21707
SHA-256 | 79f9d135d4d4a7c56dc43a848d48ffdb653c44069b4fe34f8a66deeb9811750f
Ubuntu Security Notice USN-5300-2
Posted Mar 3, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5300-2 - USN-5300-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly obtain sensitive information. It was discovered that PHP incorrectly handled certain scripts with XML parsing functions. An attacker could possibly use this issue to obtain sensitive information.

tags | advisory, denial of service, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-8923, CVE-2017-9119, CVE-2021-21707
SHA-256 | 8d289bff69aa5a1c07a2ec7e6f761299daae4511e4dcce44a32c652a3e06a38e
Ubuntu Security Notice USN-5303-1
Posted Feb 28, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5303-1 - It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2021-21708
SHA-256 | eac3ef8542d9946db383117234b5345b135eed10bf4036c82db688ec31e6cf88
Ubuntu Security Notice USN-5300-1
Posted Feb 23, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5300-1 - It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly obtain sensitive information. It was discovered that PHP incorrectly handled certain scripts with XML parsing functions. An attacker could possibly use this issue to obtain sensitive information.

tags | advisory, denial of service, php
systems | linux, ubuntu
advisories | CVE-2015-9253, CVE-2017-9119, CVE-2017-9120, CVE-2021-21707
SHA-256 | a3c43189a77d959782469e503170048c773cfe62638b7e5096d7604ac94e195c
Nagios XI Autodiscovery Shell Upload
Posted Feb 14, 2022
Authored by jbaines-r7, Claroty Team82 | Site metasploit.com

This Metasploit module exploits a path traversal issue in Nagios XI before version 5.8.5. The path traversal allows a remote and authenticated administrator to upload a PHP web shell and execute code as www-data. The module achieves this by creating an autodiscovery job with an id field containing a path traversal to a writable and remotely accessible directory, and custom_ports field containing the web shell. A cron file will be created using the chosen path and file name, and the web shell is embedded in the file. After the web shell has been written to the victim, this module will then use the web shell to establish a Meterpreter session or a reverse shell. By default, the web shell is deleted by the module, and the autodiscovery job is removed as well.

tags | exploit, remote, web, shell, php
advisories | CVE-2021-37343
SHA-256 | 056c02dbc5e575c5155e8c34f4766dcc9830256d1bc589d898d599d7f0e9dc4d
PHP Everywhere 2.0.3 Remote Code Execution
Posted Feb 8, 2022
Authored by Ramuel Gall | Site wordfence.com

PHP Everywhere versions 2.0.3 and below suffer from multiple remote code execution vulnerabilities.

tags | exploit, remote, php, vulnerability, code execution
advisories | CVE-2022-24663, CVE-2022-24664, CVE-2022-24665
SHA-256 | 6a2dcc3898ac3a1b90915521a41f2d6e5e9592121ab91ccecbf993baae2e11e2
PHP Restaurants 1.0 SQL Injection
Posted Feb 2, 2022
Authored by Nefrit ID

PHP Restaurants version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 0b66b95fb0274768cbeb88fb3604dc7470a8f62cee12f074366923784dc89d91
PHP Unit 4.8.28 Remote Code Execution
Posted Feb 2, 2022
Authored by souzo

PHP Unit version 4.8.28 suffers from a remote code execution vulnerability. Related CVE number: CVE-2017-9841. Authored by souzo

tags | exploit, remote, php, code execution
SHA-256 | 969a4a6b0fcb659dba0da5a8277fc2afa42e6757b9c324aab8c2a15efbdcd7ea
Library System In PHP 1.0 Cross Site Scripting
Posted Jan 5, 2022
Authored by Akash Rajendra Patil

Library System in PHP version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | 484590dc8cdcace436df1d2a4e2a63be9965f409ec7198e0fb2a122ca5c6b4ce
WordPress Popular Posts 5.3.2 Remote Code Execution
Posted Dec 20, 2021
Authored by h00die, Simone Cristofaro, Jerome Bruandet | Site metasploit.com

This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192/172/127/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages an authenticated improper input validation in WordPress plugin Popular Posts versions 5.3.2 and below. The exploit chain is rather complicated. Authentication is required and gd for PHP is required on the server. Then the Popular Post plugin is reconfigured to allow for an arbitrary URL for the post image in the widget. A post is made, then requests are sent to the post to make it more popular than the previous #1 by 5. Once the post hits the top 5, and after a 60 second server cache refresh (the exploit waits 90 seconds), the homepage widget is loaded which triggers the plugin to download the payload from the server. The payload has a GIF header, and a double extension (.gif.php) allowing for arbitrary PHP code to be executed.

tags | exploit, web, arbitrary, php
advisories | CVE-2021-42362
SHA-256 | 90db5fa8de8fdf34a913230d5320fbeba171c2aac53e75371d7b3d5919bde065
Bazaar Web PHP Social Listings Shell Upload
Posted Dec 20, 2021
Authored by Sohel Yousef

Bazaar Web PHP Social Listings suffers from a remote shell upload vulnerability.

tags | exploit, remote, web, shell, php
SHA-256 | f1629de60b9c1c66f85917fe4e27cf490f6caab55d5182d2047cf1df6cde10ab
Signup PHP Portal 2.1 Shell Upload
Posted Dec 20, 2021
Authored by Sohel Yousef

Signup PHP Portal version 2.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
SHA-256 | 0ffc78db1554cc2312874b940b014bebbe2e06854b885e74b9060727a2e56e98
Online Enrollment Management System In PHP And PayPal 1.0 Cross Site Scripting
Posted Dec 1, 2021
Authored by Tushar Jadhav

Online Enrollment Management System in PHP and PayPal version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, php, xss
advisories | CVE-2021-40577
SHA-256 | 58b09da437a9db3ee5522fd14065907371363210d686eb9837c10907ebae0b69
SuiteCRM 7.11.18 Remote Code Execution
Posted Nov 17, 2021
Authored by M. Cory Billington | Site metasploit.com

This Metasploit module exploits an input validation error on the log file extension parameter of SuiteCRM version 7.11.18. It does not properly validate upper/lower case characters. Once this occurs, the application log file will be treated as a php file. The log file can then be populated with php code by changing the username of a valid user, as this info is logged. The php code in the file can then be executed by sending an HTTP request to the log file. A similar issue was reported by the same researcher where a blank file extension could be supplied and the extension could be provided in the file name. This exploit will work on those versions as well, and those references are included.

tags | exploit, web, php
advisories | CVE-2020-28328, CVE-2021-42840
SHA-256 | 7f2ef0fa96275977d80eca31460f8f2876baa953ce756a42a73f7d1524b141fb
PHP Laravel 8.70.1 Cross Site Request Forgery / Cross Site Scripting
Posted Nov 15, 2021
Authored by Hosein Vita

PHP Laravel version 8.70.1 suffers from cross site scripting and cross site request forgery related vulnerabilities.

tags | exploit, php, vulnerability, xss, csrf
SHA-256 | 03959819037d931fa9bc8a86e042128e57d18e192cdb95d48075c2d8e2c636b5
Aerohive NetConfig 10.0r8a Local File Inclusion / Remote Code Execution
Posted Nov 12, 2021
Authored by Erik Wynter, Erik de Jong | Site metasploit.com

This Metasploit module exploits local file inclusion and log poisoning vulnerabilities (CVE-2020-16152) in Aerohive NetConfig, version 10.0r8a build-242466 and older in order to achieve unauthenticated remote code execution as the root user. NetConfig is the Aerohive/Extreme Networks HiveOS administrative webinterface. Vulnerable versions allow for LFI because they rely on a version of PHP 5 that is vulnerable to string truncation attacks. This module leverages this issue in conjunction with log poisoning to gain remote code execution as root. Upon successful exploitation, the Aerohive NetConfig application will hang for as long as the spawned shell remains open. Closing the session should render the application responsive again. The module provides an automatic cleanup option to clean the log. However, this option is disabled by default because any modifications to the /tmp/messages log, even via sed, may render the target (temporarily) unexploitable. This state can last over an hour. This module has been successfully tested against Aerohive NetConfig versions 8.2r4 and 10.0r7a.

tags | exploit, remote, shell, local, root, php, vulnerability, code execution, file inclusion
advisories | CVE-2020-16152
SHA-256 | f4fce0d3935a3baeeca64e47d1f3ececd06846dd7a61129d94c68314b7e81dbb
Red Hat Security Advisory 2021-4213-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4213-03 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include a null pointer vulnerability.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2020-7068, CVE-2020-7069, CVE-2020-7070, CVE-2020-7071, CVE-2021-21702
SHA-256 | 743ac4c5b84cb5122f483307d386d734caf3f5fe3e3b3830f0feabd5cf82f541
PHP Event Calendar Lite Edition Cross Site Scripting
Posted Nov 5, 2021
Authored by Erik Steltzner, Maurizio Ruchay | Site sec-consult.com

PHP Event Calendar Lite Edition suffers from a persistent cross site scripting vulnerability.

tags | exploit, php, xss
advisories | CVE-2021-42078
SHA-256 | 09c617426974d7713fb8ccab94dcccb7210bc336670db3a9f3be869096871afb
Page 1 of 202
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close