CVE-2022-25866 – Command Injection
https://notcve.org/view.php?id=CVE-2022-25866
The package czproject/git-php before 4.0.3 is vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable($url, array $refs = NULL) function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that allows additional flags to be set. The additional flags can be used to perform a command injection.
• https://github.com/czproject/git-php/commit/5e82d5479da5f16d37a915de4ec55e1ac78de733 https://github.com/czproject/git-php/releases/tag/v4.0.3 https://snyk.io/vuln/SNYK-PHP-CZPROJECTGITPHP-2421349
• CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2022-26613
https://notcve.org/view.php?id=CVE-2022-26613
PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability via the category parameter in categorymenu.php.
• https://github.com/harshitbansal373/PHP-CMS/issues/14 https://github.com/harshitbansal373/PHP-CMS/issues/15 https://github.com/nu11secur1ty/CVE-mitre/tree/main/2022/CVE-2022-26613
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-21708 – UAF due to php_filter_float() failing
https://notcve.org/view.php?id=CVE-2021-21708
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with the FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result in crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits. A flaw was found in PHP.
• https://bugs.php.net/bug.php?id=81708 https://security.gentoo.org/glsa/202209-20 https://security.netapp.com/advisory/ntap-20220325-0004 https://access.redhat.com/security/cve/CVE-2021-21708 https://bugzilla.redhat.com/show_bug.cgi?id=2055879
• CWE-416: Use After Free
CVE-2021-41472
https://notcve.org/view.php?id=CVE-2021-41472
SQL injection vulnerability in Sourcecodester Simple Membership System v1 by oretnom23 allows attackers to execute arbitrary SQL commands via the username and password parameters.
• https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/razormist
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-40909
https://notcve.org/view.php?id=CVE-2021-40909
Cross-site scripting (XSS) vulnerability in Sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial v1 by oretnom23 allows remote attackers to execute arbitrary code via the first_name, last_name, and email parameters to /ajax_crud.
• https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-10-09102021
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')