CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3806 – SourceCodester House Rental and Property Listing System btn_functions.php unrestricted upload
https://notcve.org/view.php?id=CVE-2023-3806
21 Jul 2023 — A vulnerability, which was classified as critical, was found in SourceCodester House Rental and Property Listing System 1.0. Affected is an unknown function of the file btn_functions.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/GZRsecurity/Cve-System/blob/main/House%20Rental%20and%20Property%20Listing%20System%20register.php%20has%20%20File%20Upload(RCE)%20Vulnerability.pdf • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-3247 – Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP
https://notcve.org/view.php?id=CVE-2023-3247
04 Jul 2023 — In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce. A vulnerability was found in PHP where the weak randomness affects appl... • https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw • CWE-252: Unchecked Return Value CWE-330: Use of Insufficiently Random Values CWE-334: Small Space of Random Values •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-15031 – PHP-Login POST Parameter class.loginscript.php checkLogin sql injection
https://notcve.org/view.php?id=CVE-2016-15031
06 May 2023 — A vulnerability was found in PHP-Login 1.0. It has been declared as critical. This vulnerability affects the function checkLogin of the file login/scripts/class.loginscript.php of the component POST Parameter Handler. The manipulation of the argument myusername leads to sql injection. The attack can be initiated remotely. • https://github.com/ipoelnet/php-login/commit/0083ec652786ddbb81335ea20da590df40035679 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-10086 – OpenCycleCompass server-php login.php sql injection
https://notcve.org/view.php?id=CVE-2015-10086
28 Feb 2023 — A vulnerability, which was classified as critical, was found in OpenCycleCompass server-php. Affected is an unknown function of the file api1/login.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. • https://github.com/OpenCycleCompass/server-php/commit/fa0d9bcf81c711a88172ad0d37a842f029ac3782 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-26267
https://notcve.org/view.php?id=CVE-2023-26267
21 Feb 2023 — php-saml-sp before 1.1.1 and 2.x before 2.1.1 allows reading arbitrary files as the webserver user because resolving XML external entities was silently enabled via \LIBXML_DTDLOAD | \LIBXML_DTDATTR. • https://git.sr.ht/~fkooman/php-saml-sp/commit/851f75b298a77e62d9022f1b170f662f5f7716d6 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3172
https://notcve.org/view.php?id=CVE-2021-3172
17 Feb 2023 — An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a Distributed Denial of Service via the Polling feature. • https://github.com/PHPFusion/PHPFusion/commit/7b8df6925cc7cfd8585d4f34d9120ff3a2e5753e • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-29168
https://notcve.org/view.php?id=CVE-2020-29168
17 Feb 2023 — SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint. • https://projectworlds.in/free-projects/php-projects/online-doctor-appointment-booking-system-php-and-mysql/%2C • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 1CVE-2023-0568 – Array overrun in common path resolve code
https://notcve.org/view.php?id=CVE-2023-0568
16 Feb 2023 — In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification. A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths w... • https://bugs.php.net/bug.php?id=81746 • CWE-131: Incorrect Calculation of Buffer Size CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0662 – DoS vulnerability when parsing multipart request body
https://notcve.org/view.php?id=CVE-2023-0662
16 Feb 2023 — In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. A vulnerability was found in PHP. This security flaw occurs when the request body parsing in PHP allows any unauthenticated attacker to consume a large amount of CPU time and trigger excessive logging. A large amount of CP... • https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv • CWE-400: Uncontrolled Resource Consumption CWE-779: Logging of Excessive Data •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 1CVE-2023-0567 – password_verify() always returns true for some invalid hashes
https://notcve.org/view.php?id=CVE-2023-0567
16 Feb 2023 — In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. A vulnerability was found in PHP. This security flaw occurs when malformatted BCrypt hashes that include a $ within their salt part trigger a buffer overread and may erroneously validate any password as valid. It was discovere... • https://bugs.php.net/bug.php?id=81744 • CWE-328: Use of Weak Hash CWE-916: Use of Password Hash With Insufficient Computational Effort •