seeing is believing
Showing 51 - 75 of 4,616 RSS Feed

PHP Files

Gentoo Linux Security Advisory 201702-29
Posted Feb 21, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-29 - Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution or cause a Denial of Service condition. Versions less than 5.6.30 are affected.

tags | advisory, denial of service, arbitrary, php, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2016-10158, CVE-2016-10159, CVE-2016-10160, CVE-2016-10161, CVE-2016-9935
MD5 | 285dea360f0016eb3a446ad5ace4117c
Ubuntu Security Notice USN-3196-1
Posted Feb 15, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3196-1 - It was discovered that PHP incorrectly handled certain arguments to the locale_get_display_name function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2014-9912, CVE-2016-10158, CVE-2016-10159, CVE-2016-10160, CVE-2016-10161, CVE-2016-7478, CVE-2016-7479, CVE-2016-9137, CVE-2016-9934, CVE-2016-9935
MD5 | 69a7b30a12903bddf2a081c55b9ac6e7
PHP Marketplace Script SQL Injection
Posted Feb 14, 2017
Authored by Yunus YILDIRIM

PHP Marketplace Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 8c3427c63ba9ac814a8206bad830ac00
Slackware Security Advisory - php Updates
Posted Feb 13, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2016-10158, CVE-2016-10159, CVE-2016-10160, CVE-2016-10161, CVE-2016-10167, CVE-2016-10168
MD5 | 8c2fa97d6d86af50f0ed02e07c85283a
Debian Security Advisory 3783-1
Posted Feb 12, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3783-1 - Several issues have been discovered in PHP, a widely-used open source general-purpose scripting language.

tags | advisory, php
systems | linux, debian
advisories | CVE-2016-10158, CVE-2016-10159, CVE-2016-10160, CVE-2016-10161
MD5 | 6d761dff3ffdd809ec0fe329fee75502
HP Smart Storage Administrator 2.30.6.0 Remote Command Injection
Posted Feb 10, 2017
Authored by Nicolas Mattiocco | Site metasploit.com

This Metasploit module exploits a vulnerability found in HP Smart Storage Administrator. By supplying a specially crafted HTTP request, it is possible to control the 'command' variable in function isDirectFileAccess (found in ipcelmclient.php), which will be used in a proc_open() function. Versions prior to HP SSA 2.60.18.0 are vulnerable.

tags | exploit, web, php
advisories | CVE-2016-8523
MD5 | 48859d411d55d006d79ae52f42803259
Takas Classified Cogeigniter PHP Classified Ad Script 1.1 SQL Injection
Posted Feb 10, 2017
Authored by Ihsan Sencan

Takas Classified Codeigniter PHP Classified Ad Script version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | cad1bb405a50ac3f626bde9986910db1
Zigaform PHP Form Builder Contact And Survey 2.9.1 SQL Injection
Posted Feb 10, 2017
Authored by Ihsan Sencan

Zigaform PHP Form Builder Contact and Survey version 2.9.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | e7b8da442f7a7ebb9bafb4c0735bd024
PEAR HTML_AJAX 0.5.7 PHP Object Injection
Posted Feb 6, 2017
Authored by EgiX | Site karmainsecurity.com

PEAR HTML_AJAX versions 0.5.7 and below suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | d2e6428ee37fd292066c41b75c9463b4
PHP Product Designer Script Arbitrary File Upload
Posted Jan 31, 2017
Authored by Ihsan Sencan

PHP Product Designer Script suffers from a remote file upload vulnerability.

tags | exploit, remote, php, file upload
MD5 | 314e1f0de609938cd2d3e684927b5495
PHP Logo Designer Script Arbitrary File Upload
Posted Jan 31, 2017
Authored by Ihsan Sencan

PHP Logo Designer Script suffers from a remote file upload vulnerability.

tags | exploit, remote, php, file upload
MD5 | 7964b8c6a72e282e33c0362351fbfdf4
KB Affiliate Referral PHP Script 1.0 SQL Injection
Posted Jan 27, 2017
Authored by Ihsan Sencan

KB Affiliate Referral PHP Script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, php, sql injection
MD5 | 9499f119c353fb3106ba7abf37ae7ae3
KB Messages PHP Script 1.0 SQL Injection
Posted Jan 27, 2017
Authored by Ihsan Sencan

KB Messages PHP Script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, php, sql injection
MD5 | b4ec7f6c03ec6953f93f24ee7f9db62d
WordPress InfiniteWP Client 1.5.1.3 / 1.6.0 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress InfiniteWP Client plugin versions 1.5.1.3 and 1.6.0 suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 46b274061e0acc0178360b285063f6b1
WordPress CMS Commander Client 2.21 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress CMS Command Client plugin version 2.21 suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 9a7027555b61d92952f9550a552cf56f
WordPress Google Forms 0.87 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Google Forms plugin versions 0.8 through 0.87 suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 4808b37b794d5488075cea57599da9e2
Debian Security Advisory 3769-1
Posted Jan 23, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3769-1 - Dawid Golunski from LegalHackers discovered that PHP Swift Mailer, a mailing solution for PHP, did not correctly validate user input. This allowed a remote attacker to execute arbitrary code by passing specially formatted email addresses in specific email headers.

tags | advisory, remote, arbitrary, php
systems | linux, debian
advisories | CVE-2016-10074
MD5 | 35e5943384aadc42f6da685cc43be28c
PHP 5.6.x / MyBB 1.8.3 Remote Code Execution
Posted Jan 22, 2017
Authored by Taoguang Chen

MyBB versions 1.8.3 and below alongside PHP versions prior to 5.6.30 suffer from a GMP deserialization type confusion vulnerability.

tags | exploit, php
MD5 | 30760925e589d8a94e02a3f2a0be95bb
HP Security Bulletin HPSBST03671 2
Posted Jan 15, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03671 2 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information or Denial of Service via the Ethernet Management Interface. Please note that the Management Interface cannot access data stored on tape media, so this vulnerability does not allow for remote unauthorized disclosure of data stored on tape media or remote denial of service. Revision 2 of this advisory.

tags | advisory, remote, denial of service, php
advisories | CVE-2013-7456, CVE-2016-3074, CVE-2016-5093, CVE-2016-5094, CVE-2016-5096, CVE-2016-5385, CVE-2016-5399, CVE-2016-5766, CVE-2016-5767, CVE-2016-5768, CVE-2016-5769, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6207, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6293, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297
MD5 | fb67b891b56562e11316c0a51423d76f
My PHP Dating 2.0 SQL Injection
Posted Jan 9, 2017
Authored by Nassim Asrir

MY PHP Dating version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | e18a4188cda1cb9e3615969002a87083
My PHP Dating 2.0 SQL Injection
Posted Jan 9, 2017
Authored by Ihsan Sencan

My PHP Dating version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | f0600c7e8f6b401bf53137d384510352
PHPMailer / Zend-mail / SwiftMailer Remote Code Execution
Posted Jan 3, 2017
Authored by Dawid Golunski

This proof of concept exploit aims to execute a reverse shell on the target in the context of the web server user via a vulnerable PHP email library.

tags | exploit, web, shell, php, proof of concept
advisories | CVE-2016-10033, CVE-2016-10034, CVE-2016-10045, CVE-2016-10074
MD5 | a0be91defae2564f4405c81fdeab38cd
Debian Security Advisory 3750-1
Posted Jan 1, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3750-1 - Dawid Golunski discovered that PHPMailer, a popular library to send email from PHP applications, allowed a remote attacker to execute code if they were able to provide a crafted Sender address.

tags | advisory, remote, php
systems | linux, debian
advisories | CVE-2016-10033
MD5 | 5dc26db485db0eb499f2c2dd00a40bdc
Debian Security Advisory 3732-2
Posted Dec 21, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3732-2 - The update for php5 issued as DSA-3732-1 caused segfaults in php-ssh2. Updated packages are now available to correct this issue.

tags | advisory, php
systems | linux, debian
MD5 | 642a44328ef63252d1cc3f928d768e0e
Slackware Security Advisory - php Updates
Posted Dec 13, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2016-9933, CVE-2016-9934, CVE-2016-9935
MD5 | 8ebb523ad4cd0c60fe37bda621b75f42
Page 3 of 185
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close