Php Exploits
1,332 exploits tracked across all sources.
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187. Reason: This candidate is a duplicate of CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, and CVE-2014-7187. Notes: All CVE users should reference CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, and CVE-2014-7187 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
Google Chrome <143.0.7499.110 - Memory Corruption
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
by SgtBattenHA
CVSS 8.8
Invisioncommunity < 5.0.7 - Remote Code Execution
Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller (file: /applications/core/modules/front/system/themeeditor.php), where a protected method named customCss can be invoked by unauthenticated users. This method passes the value of the content parameter to the Theme::makeProcessFunction() method; hence it is evaluated by the template engine. Accordingly, this can be exploited by unauthenticated attackers to inject and execute arbitrary PHP code by providing crafted template strings.
by Egidio Romano
CVSS 10.0
Sangoma Freepbx - OS Command Injection
FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the 'generatedocs' endpoint by crafting malicious POST requests with bash command injection to establish remote shell access.
by Cold z3ro
CVSS 8.8
phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit
by Egidio Romano
Millhouse-project - SQL Injection
Millhouse-Project v1.414 was discovered to contain a remote code execution (RCE) vulnerability via the component /add_post_sql.php.
by Chokri Hammedi
CVSS 9.8
Impresscms < 1.4.4 - SQL Injection
ImpressCMS before 1.4.3 allows include/findusers.php groups SQL Injection.
by Egidio Romano
CVSS 9.8
Pet Shop Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
by Mr.Gedik
Exam Hall Management System 1.0 - Unrestricted File Upload (Unauthenticated)
by Thamer Almohammadi
jqueryFileTree <2.1.5 - Path Traversal
jqueryFileTree 2.1.5 and older Directory Traversal
by Nicholas Ferreira
CVSS 7.5
JCK Editor <6.4.4 - SQL Injection
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.
by Nicholas Ferreira
CVSS 9.8
CardGate Payments <3.1.15 - Auth Bypass
An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass the payment process (e.g., spoof an order status by manually sending an IPN callback request with a valid signature but without real payment) and/or receive all of the subsequent payments.
by GeekHack
CVSS 8.1
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass
by GeekHack
phpList 3.5.0 - Auth Bypass
phpList 3.5.0 allows type juggling for admin login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
by Suvadip Kar
CVSS 9.8
PHP 7.0 < 7.4 (Unix) - 'debug_backtrace' disable_functions Bypass
by mm0r1
verot.net class.upload <2.0.4 - Info Disclosure
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
by Jinny Ramsmark
CVSS 9.8
XML-RPC - Code Injection
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploit serialize-related PHP vulnerabilities or PHP object injection. It is possible, although unconfirmed, that the vulnerability has been used by some attackers in order to gain access to some Revive Adserver instances and deliver malware through them to third party websites. This vulnerability was addressed in version 4.2.0.
by crlf
CVSS 9.8
Vbulletin < 5.5.4 - Code Injection
vBulletin through 5.5.4 mishandles custom avatars.
by EgiX
CVSS 9.8
Nagios XI 5.6.5 - Remote Code Execution / Root Privilege Escalation
by Jak Gibb
By Source