PHP Exploits
1,334 exploits tracked across all sources.
BF Survey Pro Free <1.2.6 - SQL Injection
SQL injection vulnerability in the updateOnePage function in components/com_bfsurvey_pro/controller.php in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4, and other versions before 1.2.6, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the table parameter in an updateOnePage action to index.php.
by jdc
osCommerce <2.2 RC2a - RCE
osCommerce versions up to and including 2.2 RC2a contain a vulnerability in its administrative file manager utility (admin/file_manager.php). The interface allows file uploads and edits without sufficient input validation or access control. An unauthenticated attacker can craft a POST request to upload a .php file containing arbitrary code, which is then executed by the server.
by flyh4t
Google Chrome 6.0.472 - 'Math.Random()' Random Number Generation
by Amit Klein
Kunena Forum <1.5.4 - SQL Injection
SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php.
by ilker Kandemir
PHP <5.3.0 - Info Disclosure
The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable.
by Maksymilian Arciemowicz
PHP 5.3 - 'mail.log' Configuration Option 'open_basedir' Restriction Bypass
by Maksymilian Arciemowicz
Joomla! Component com_pms 2.0.4 - 'Ignore-List' SQL Injection
by M4dhead
Arab Portal 2.x - SQL Injection
SQL injection vulnerability in forum.php in Arab Portal 2.x, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the qc parameter in an addcomment action, a different vector than CVE-2006-1666.
by rEcruit
Allomani Audio & Video Library (Songs & Clips) <2.7.0 - SQL Injection
SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
by Qabandi
Allomani Movies Library <2.7.0 - SQL Injection
SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
by Qabandi
Allomani Mobile - SQL Injection
SQL injection vulnerability in login.php in Allomani Mobile 2.5 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.
by Qabandi
Pixaria Gallery - Path Traversal
Absolute path traversal vulnerability in pixaria.image.php in Pixaria Gallery 2.0.0 through 2.3.5 allows remote attackers to read arbitrary files via a base64-encoded file parameter.
by Qabandi
e107 Plugin my_gallery 2.4.1 - 'readfile()' Local File Disclosure
by NoGe
VivaPrograms Infinity <2.0.5 - RCE
cp/profile.php in VivaPrograms Infinity 2.0.5 and earlier does not require administrative authentication for the donewauthor action, which allows remote attackers to create administrative accounts via the name, password, and conf_password parameters.
by Qabandi
MorcegoCMS <1.7.6 - SQL Injection
SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and earlier allows remote attackers to execute arbitrary SQL commands via the query string.
by darkjoker
Mlffat 2.2 - SQL Injection
SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731.
by Qabandi
YourTube 2.0 - Arbitrary Database Disclosure
by Security Code Team
Zen Cart <1.3.8a-1.3.8 - RCE
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via the record_company_image parameter in conjunction with a PATH_INFO of password_forgotten.php, then accessing this file via a direct request to the file in images/.
by BlackH
phpMyAdmin <2.11.9.5 - Code Injection
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
by Hacking Expose!
CVSS 9.8