National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 26,241 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2019-13282

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.

Published: July 04, 2019; 04:15:10 PM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-13281

In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service, an information leak, or possibly unspecified other impact.

Published: July 04, 2019; 04:15:10 PM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-13239

inc/user.class.php in GLPI before 9.4.3 allows XSS via a user picture.

Published: July 04, 2019; 11:15:11 AM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-13074

A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management.

Published: July 03, 2019; 05:15:10 PM -04:00
V3: 7.5 HIGH
V2: 7.8 HIGH
CVE-2019-13186

In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the tags box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, and CVE-2018-20520.

Published: July 03, 2019; 01:15:10 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-12250

An issue was discovered in Elite CMS Pro 2.01. In /admin/add_sidebar.php, the ?page= parameter is vulnerable to SQL injection.

Published: July 03, 2019; 01:15:10 PM -04:00
V3: 7.2 HIGH
V2: 6.5 MEDIUM
CVE-2018-11686

The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.

Published: July 03, 2019; 01:15:09 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-6216

novaksolutions/infusionsoft-php-sdk v2016-10-31 is vulnerable to a reflected XSS in the leadscoring.php resulting code execution

Published: July 03, 2019; 01:15:09 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-18346

SQL injection vulnerability in /wbg/core/_includes/authorization.inc.php in CMS Web-Gooroo through 2013-01-19 allows remote attackers to execute arbitrary SQL commands via the wbg_login parameter.

Published: July 03, 2019; 01:15:09 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-17972

packages/subjects/pub/subjects.php in Archon 3.21 rev-1 has XSS in the referer parameter in an index.php?subjecttypeid=xxx request, aka Open Bug Bounty ID OBB-466362.

Published: July 03, 2019; 01:15:09 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-11317

Subrion CMS before 4.1.4 has XSS.

Published: July 03, 2019; 12:15:10 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-11227

Monstra CMS 3.0.4 and earlier has XSS via index.php.

Published: July 03, 2019; 12:15:09 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-12594

DOSBox 0.74-2 has Incorrect Access Control.

Published: July 02, 2019; 01:15:11 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-13024

Centreon V19.04 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands).

Published: July 01, 2019; 03:15:11 PM -04:00
V3: 8.8 HIGH
V2: 9.0 HIGH
CVE-2019-12826

A Cross-Site-Request-Forgery (CSRF) vulnerability in widget_logic.php in the 2by2host Widget Logic plugin before 5.10.2 for WordPress allows remote attackers to execute PHP code via snippets (that are attached to widgets and then eval'd to dynamically determine their visibility) by crafting a malicious POST request that tricks administrators into adding the code.

Published: July 01, 2019; 02:15:11 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-20848

Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddie_ajout.php and en/achat/caddie_affichage.php, as demonstrated by an XSS payload in the couleurId[0] parameter to the latter.

Published: June 30, 2019; 03:15:09 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-13086

core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check SQL injection by sending a crafted HTTP User-Agent header and omitting the csrf_csz parameter.

Published: June 30, 2019; 01:15:09 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-13082

Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. It extracts a ZIP archive before checking its content, and once it has been extracted, does not check files in a recursive way. This means that by putting a .php file in a folder and then this folder in a ZIP archive, the server will accept this file without any checks. Because one can access this file from the website, it is remote code execution. This is related to a scorm imsmanifest.xml file, the import_package function, and extraction in $courseSysDir.$newDir.

Published: June 30, 2019; 12:15:09 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-11829

OS command injection vulnerability in drivers_syno_import_user.php in Synology Calendar before 2.3.1-0617 allows remote attackers to execute arbitrary commands via the crafted 'X-Real-IP' header.

Published: June 30, 2019; 11:15:09 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-11821

SQL injection vulnerability in synophoto_csPhotoDB.php in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to execute arbitrary SQL command via the type parameter.

Published: June 30, 2019; 11:15:09 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH