Search Results (Refine Search)
- Keyword (text search): php
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-12479 |
TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal. Published: April 29, 2020; 6:15:12 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2020-12469 |
admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit. Published: April 29, 2020; 5:15:12 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 5.5 MEDIUM |
CVE-2020-12461 |
PHP-Fusion 9.03.50 allows SQL Injection because maincore.php has an insufficient protection mechanism. An attacker can develop a crafted payload that can be inserted into the sort_order GET parameter on the members.php members search page. This parameter allows for control over anything after the ORDER BY clause in the SQL query. Published: April 29, 2020; 1:15:12 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2020-12438 |
An XSS vulnerability exists in the banners.php page of PHP-Fusion 9.03.50. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT tags. A malicious actor can use HTML event handlers to run JavaScript instead of using SCRIPT tags. Published: April 28, 2020; 5:15:11 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2017-18863 |
Certain NETGEAR devices are affected by command execution via a PHP form. This affects WN604 3.3.3 and earlier, WNAP210v2 3.5.20.0 and earlier, WNAP320 3.5.20.0 and earlier, WNDAP350 3.5.20.0 and earlier, WNDAP360 3.5.20.0 and earlier, WNDAP620 2.0.11 and earlier, WNDAP660 3.5.20.0 and earlier, WND930 2.0.11 and earlier, and WAC120 2.0.7 and earlier. Published: April 28, 2020; 12:15:12 PM -0400 |
V3.1: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2020-7067 |
In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes. Published: April 27, 2020; 5:15:14 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2020-11011 |
In Phproject before version 1.7.8, there's a vulnerability which allows users with access to file uploads to execute arbitrary code. This is patched in version 1.7.8. Published: April 22, 2020; 1:15:12 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2020-5301 |
SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in `SimpleSAML\Module` that processes requests for pages hosted by modules, has code to identify paths ending with `.php` and process those as PHP code. If no other suitable way of handling the given path exists it presents the file to the browser. The check to identify paths ending with `.php` does not account for uppercase letters. If someone requests a path ending with e.g. `.PHP` and the server is serving the code from a case-insensitive file system, such as on Windows, the processing of the PHP code does not occur, and the source code is instead presented to the browser. An attacker may use this issue to gain access to the source code in third-party modules that is meant to be private, or even sensitive. However, the attack surface is considered small, as the attack will only work when SimpleSAMLphp serves such content from a file system that is not case-sensitive, such as on Windows. This issue is fixed in version 1.18.6. Published: April 21, 2020; 4:15:13 PM -0400 |
V3.1: 3.1 LOW V2.0: 3.5 LOW |
CVE-2020-8639 |
An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. This allows an authenticated attacker to upload a malicious file (containing PHP code to execute operating system commands) to a publicly accessible directory of the application. Published: April 03, 2020; 3:15:13 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2020-8966 |
There is an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in php webpages of Tiki-Wiki Groupware. Tiki-Wiki CMS all versions through 20.0 allows malicious users to cause the injection of malicious code fragments (scripts) into a legitimate web page. Published: April 01, 2020; 5:15:15 PM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-7066 |
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server. Published: April 01, 2020; 12:15:14 AM -0400 |
V3.1: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-7065 |
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution. Published: April 01, 2020; 12:15:13 AM -0400 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2020-7064 |
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash. Published: April 01, 2020; 12:15:13 AM -0400 |
V3.1: 5.4 MEDIUM V2.0: 5.8 MEDIUM |
CVE-2020-11441 |
phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page. NOTE: the vendor states "I don't see anything specifically exploitable. Published: March 31, 2020; 1:15:26 PM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-10963 |
FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload (and consequently Remote Code Execution) via admin/tips_image/image/file_upload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued. Published: March 25, 2020; 6:15:12 PM -0400 |
V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM |
CVE-2020-5558 |
CuteNews 2.0.1 allows remote authenticated attackers to execute arbitrary PHP code via unspecified vectors. Published: March 24, 2020; 10:15:12 PM -0400 |
V3.1: 8.8 HIGH V2.0: 9.0 HIGH |
CVE-2020-5553 |
mailform version 1.04 allows remote attackers to execute arbitrary PHP code via unspecified vectors. Published: March 24, 2020; 10:15:11 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2020-8865 |
This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10469. Published: March 23, 2020; 5:15:12 PM -0400 |
V3.1: 6.3 MEDIUM V2.0: 6.5 MEDIUM |
CVE-2020-7935 |
Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execution because of an Unrestricted Upload Of A File With A Dangerous Type issue in the File Manager. An attacker can create a (or use an existing) directory that is externally accessible to store PHP files. The filename and the exact path is known by the attacker, so it is possible to execute PHP code in the context of the application. The vulnerability is exploitable only with Administrator access. Published: March 23, 2020; 12:15:17 PM -0400 |
V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM |
CVE-2020-10806 |
eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution. Published: March 22, 2020; 12:15:12 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |