Security
Headlines
HeadlinesLatestCVEs

Tag

#php

CVE-2018-18584: security - Buffer overflow in cabextract/libmspack (Fwd: New cabextract 1.8 and libmspack 0.8 release)

In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.

CVE
Open in Source
#web#mac#windows#linux#git#php#buffer_overflow#auth#ibm
CVE-2018-18322: CentOS Web Panel 0.9.8.480 Multiple Vulnerabilities - Seccops

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell metacharacters in the admin/index.php service_start, service_restart, service_fullstatus, or service_stop parameter.

CVE-2018-17440: D-Link Technical Support

An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port 9000 and has hardcoded credentials (admin, admin). Taking advantage of this, a remote unauthenticated attacker could execute arbitrary PHP code by uploading any file in the web root directory and then accessing it via a request.

CVE-2018-17182: security - Linux kernel: potential local priviledge escalation bug in vmacache code

An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.

CVE-2016-9045: TALOS-2017-0314 || Cisco Talos Intelligence Group

A code execution vulnerability exists in ProcessMaker Enterprise Core 3.0.1.7-community. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker can send a crafted web parameter to trigger this vulnerability.

CVE-2016-9048: TALOS-2017-0313 || Cisco Talos Intelligence Group

Multiple exploitable SQL Injection vulnerabilities exists in ProcessMaker Enterprise Core 3.0.1.7-community. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and in certain setups access the underlying operating system.

CVE-2018-15918: CVE-2018-15918 Jorani Leave Management System 0.6.5 - SQL Injection - Hackpuntes

An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to leaves/validate.

CVE-2018-15917: CVE-2018-15917 Jorani Leave Management System 0.6.5 - Cross-Site Scripting Persistente - Hackpuntes

Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language.

CVE-2018-15877: Offensive Security’s Exploit Database Archive

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainview_activity_monitor&tab=activity_tools request.

CVE-2017-9120: PHP :: Bug #74544 :: Integer overflow in mysqli_real_escape_string()

PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.