Php Exploits
1,332 exploits tracked across all sources.
ASCET Interactive Huski CMS - 'i' Local File Inclusion
by Wireghoul
com_jembed - SQL Injection via catid Parameter
SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php.
by FL0RiX
Joomla! Component com_bfsurvey_pro - 'catid' Blind SQL Injection
by FL0RiX
FreeWebShop 2.2.9 R2 - Multiple Remote Vulnerabilities
by Akita Software Security
PHP < 5.2.4 - Local Symlink Bypass of open_basedir Restrictions via Session File
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.
by Maksymilian Arciemowicz
PHP < 5.2.12 - Cross-Site Scripting via Improper UTF-8 and Multi-byte Sequence Handling
The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character.
PHP < 5.2.12 - Cross-Site Scripting via Improper UTF-8 and Multi-byte Sequence Handling
The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character.
Joomla! Component com_joomgallery 1.5.x - &func Incorrect Flood Filter
by Jbyte
Adobe Illustrator <14.0.0 - Buffer Overflow
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information.
by pyrokinesis
Vivid Ads Shopping Cart - 'prodid' SQL Injection
by Yakir Wizman
Tinybrowser < 1.5.13 - Unrestricted File Upload and Remote Code Execution
Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution.
by daath
CVSS 9.8
PHP 5.2.11/5.3.0 - Multiple Vulnerabilities
by Maksymilian Arciemowicz
RunCMS 2M1 - Authenticated SQL Injection via Forum Post Parameters
Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the topic_id parameter.
by Nine:Situations:Group::bookoo
IBM Informix Client SDK 3.0 and 3.50 - Remote Code Execution via Crafted .nfx File
Multiple integer overflows in setnet32.exe 3.50.0.13752 in IBM Informix Client SDK 3.0 and 3.50 and Informix Connect Runtime 3.x allow remote attackers to execute arbitrary code via a .nfx file with a crafted (1) HostSize, and possibly (2) ProtoSize and (3) ServerSize, field that triggers a stack-based buffer overflow involving a crafted HostList field. NOTE: some of these details are obtained from third party information.
by bruiser
Empire CMS 5.1 - SQL Injection via bid Parameter
SQL injection vulnerability in Empire CMS 5.1 allows remote attackers to execute arbitrary SQL commands via the bid parameter to the default URI under e/tool/gbook/.
by Securitylab Security Research
AlphaUserPoints 1.5.2 - SQL Injection via Username2Points Parameter
SQL injection vulnerability in frontend/assets/ajax/checkusername.php in the AlphaUserPoints (com_alphauserpoints) component 1.5.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the username2points parameter.
by jdc
Apple Safari on iPhone OS 3.0.1 - Denial of Service via Long tel: URL in IFRAME SRC Attribute
Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element.
by cloud
Siemens Gigaset SE361 WLAN Router - Denial of Service via TCP Packet Flood to Port 1723
The Siemens Gigaset SE361 WLAN router allows remote attackers to cause a denial of service (device reboot) via a flood of crafted TCP packets to port 1723.
by crashbrz
BF Survey Pro Free <1.2.6 - SQL Injection
SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php.
by jdc
By Source