Yahei PHP Prober version 0.4.7 suffers from a cross site scripting vulnerability.
f12a62cb7579b29c118d5b72292a0c3eThis Metasploit module will generate and upload a plugin to ProcessMaker resulting in execution of PHP code as the web server user. Credentials for a valid user account with Administrator roles is required to run this module. This Metasploit module has been tested successfully on ProcessMaker versions 1.6-4276, 2.0.23, 3.0 RC 1, 3.2.0, 3.2.1 on Windows 7 SP 1; and version 3.2.0 on Debian Linux 8.
62ca13841303372ebfe7885ec8e1b271Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
a7016e23d3beb38a24d8e1e1f0708b2bThis Metasploit module exploits a vulnerability found in ClipBucket versions before 4.0.0 (Release 4902). A malicious file can be uploaded using an unauthenticated arbitrary file upload vulnerability. It is possible for an attacker to upload a malicious script to issue operating system commands. This issue is caused by improper session handling in /action/beats_uploader.php file. This Metasploit module was tested on ClipBucket before 4.0.0 - Release 4902 on Windows 7 and Kali Linux.
d2275d600b73e806af00c2c4d704c496Ubuntu Security Notice 3600-1 - It was discovered that PHP incorrectly handled certain stream metadata. A remote attacker could possibly use this issue to set arbitrary metadata. This issue only affected Ubuntu 14.04 LTS. It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting attacks. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. Various other issues were also addressed.
4120462fc6fd27b1ad02894820c93486Debian Linux Security Advisory 4142-1 - Marios Nicolaides discovered that the PHP plugin in uWSGI, a fast, self-healing application container server, does not properly handle a DOCUMENT_ROOT check during use of the --php-docroot option, allowing a remote attacker to mount a directory traversal attack and gain unauthorized read access to sensitive files located outside of the web root directory.
b27d21328ecc754819007e251a72861dRed Hat Security Advisory 2018-0406-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: php: Buffer over-read from uninitialized data in gdImageCreateFromGifCtx function.
5a4ffbd2634a1a77f6456bcc55e8be27Social Oauth Login PHP suffers from a remote SQL injection vulnerability that allows for authentication bypass.
50c6d42d491cdd52647e23330f7ba0bfUbuntu Security Notice 3566-1 - It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting attacks. It was discovered that PHP incorrectly handled memory when unserializing certain data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
0b5c9a022daec85647b0067cd2617764PHP Scripts Mall Doctor Search Script version 1.0.2 suffers from a cross site scripting vulnerability.
be08ecb0a94b7c67c36583ccda5fc834WordPress load-scripts.php denial of service exploit.
c5199aa5847b27d9f9ce21b843ab9feeWordPress Core suffers from a load-scripts.php denial of service vulnerability.
7fb9f333287d6bceb67916a30184fc61Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
f1eeaefa5650451e1a2567427e5c6303Event Manager PHP Script version 1.0 suffers from a remote SQL injection vulnerability.
bc5abfcc22424338eaa96b3208042ce0WordPress Splashing Images plugin version 2.1 suffers from PHP object injection and cross site scripting vulnerabilities.
2074b9733bf382d13829e0d172ba5646This Metasploit module exploits an Object Injection vulnerability in Kaltura. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the context of the web server user. Kaltura makes use of a hard-coded cookie secret which allows to sign arbitrary cookie data. After passing this signature check, the base64- decoded data is passed to PHPs unserialize() function which allows for code execution. The constructed object is again based on the SektionEins Zend code execution POP chain PoC. Kaltura versions prior to 13.1.0 are affected by this issue. A valid entry_id (which is required for this exploit) can be obtained from any media resource published on the kaltura installation. This Metasploit module was tested against Kaltura 13.1.0-2 installed on Ubuntu 14.04.
378cc7a64ba0d3b9625bf7d0daeb9bd6CMS Made Simple version 2.2.5 suffers from a reflective cross site scripting vulnerability in /admin/moduleinterface.php.
d2044b874e380c62d644f523c1cd981fCMS Made Simple version 2.2.5 suffers from a reflective cross site scripting vulnerability in /admin/moduleinterface.php.
2d3ebcdbc68d9092e39263cfe7528fbbDebian Linux Security Advisory 4094-1 - It was discovered that Smarty, a PHP template engine, was vulnerable to code-injection attacks. An attacker was able to craft a filename in comments that could lead to arbitrary code execution on the host running Smarty.
dfcee3b5f519bf8bee3c485dbbc05993LiveZilla version 7.0.6.0 suffers from a cross site scripting vulnerability in knowledgebase.php.
269d0247d9cc0df479adf64266b91d9cpfSense versions 2.1.3 and below suffer from a status_rrd_graph_img.php command injection vulnerability.
0119ea7e4ed56c2dfa60e99cdbfcc55bThis Metasploit module exploits an unrestricted file upload vulnerability in Web Viewer 1.0.0.193 on Samsung SRN-1670D devices. The network_ssl_upload.php file allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing local file read vulnerability referenced by CVE-2015-8279, which allows remote attackers to read the web interface credentials by sending a request to: cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.
a040c104d632cd4ba7549225102c8f38Debian Linux Security Advisory 4080-1 - Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language.
7a923ed447a8c3d28e10e24fe62a1992Debian Linux Security Advisory 4081-1 - Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language.
fdb7bf3837629f4a8ca9b2cef7a169adVideoDuo Video Search Engine PHP script version 3.1 suffers from a cross site scripting vulnerability.
e2d8339c00f2cea48ab6ead24eb86774
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed