National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 27,244 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity

Adive Framework 2.0.8 has admin/user/add userUsername XSS.

Published: January 26, 2020; 05:15:10 PM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM

Novell ZENworks Configuration Management before 11.2.4 allows obtaining sensitive trace information.

Published: January 25, 2020; 02:15:10 PM -05:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM

Novell ZENworks Configuration Management before 11.2.4 allows XSS.

Published: January 25, 2020; 02:15:10 PM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM

Cross-site scripting in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script allows error reports to be submitted and sent to the system administrator. Starting with SimpleSAMLphp 1.18.0, a new SimpleSAML\Utils\EMail class was introduced to handle sending emails, implemented as a wrapper of an external dependency. This new wrapper allows us to use Twig templates in order to create the email sent with an error report. Since Twig provides automatic escaping of variables, manual escaping of the free-text field in www/errorreport.php was removed to avoid double escaping. However, for those not using the new user interface yet, an email template is hardcoded into the class itself in plain PHP. Since no escaping is provided in this template, it is then possible to inject HTML inside the template by manually crafting the contents of the free-text field.

Published: January 24, 2020; 05:15:23 PM -05:00
(not available)

Log injection in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script, which receives error reports and sends them via email to the system administrator, did not properly sanitize the report identifier obtained from the request. This allows an attacker, under specific circumstances, to inject new log lines by manually crafting this report ID. When configured to use the file logging handler, SimpleSAMLphp will output all its logs by appending each log line to a given file. Since the reportID parameter received in a request sent to www/errorreport.php was not properly sanitized, it was possible to inject newline characters into it, effectively allowing a malicious user to inject new log lines with arbitrary content.

Published: January 24, 2020; 04:15:14 PM -05:00
(not available)

CODESYS Control V3, Gateway V3, and HMI V3 before allow uncontrolled memory allocation which can result in a remote denial of service condition.

Published: January 24, 2020; 03:15:10 PM -05:00
(not available)

A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allow remote attackers to inject arbitrary web script or HTML via the (1) service parameter to validation/ or (2) pgtUrl parameter to validation/

Published: January 24, 2020; 02:15:12 PM -05:00
(not available)

WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to execute arbitrary PHP code via improper file upload.

Published: January 23, 2020; 05:15:09 PM -05:00
(not available)

Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.

Published: January 23, 2020; 11:15:11 AM -05:00
(not available)

BabyGekko before 1.2.4 allows PHP file inclusion.

Published: January 23, 2020; 10:15:12 AM -05:00
(not available)

A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18.

Published: January 22, 2020; 03:15:11 PM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM

A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled.

Published: January 22, 2020; 01:15:11 PM -05:00
(not available)

Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12.

Published: January 22, 2020; 01:15:11 PM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM

A File Inclusion vulnerability exists in act parameter to admin.php in UseBB before 1.0.12.

Published: January 22, 2020; 12:15:10 PM -05:00
(not available)

Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters.

Published: January 22, 2020; 11:15:10 AM -05:00
V3.1: 5.4 MEDIUM
    V2: 3.5 LOW

An issue was discovered in Simple Machines Forum (SMF) before 2.0.16. Reverse tabnabbing can occur because of use of _blank for external links.

Published: January 22, 2020; 01:15:10 AM -05:00
(not available)

Lifesize Express ls ex2_4.7.10 2000 (14) devices allow XSS via the interface/interface.php brand parameter.

Published: January 21, 2020; 08:15:11 PM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM

The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketo_fat CSRF with resultant XSS.

Published: January 21, 2020; 02:15:14 PM -05:00
(not available)

Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data from the database, or an unauthenticated remote attacker could exploit this via Cross-Site Request Forgery.

Published: January 21, 2020; 02:15:13 PM -05:00
(not available)

An issue was discovered in the Huge-IT gallery-images plugin before 1.9.0 for WordPress. The headers Client-Ip and X-Forwarded-For are prone to unauthenticated SQL injection. The affected file is gallery-images.php. The affected function is huge_it_image_gallery_ajax_callback().

Published: January 21, 2020; 02:15:12 PM -05:00
(not available)