CVE-2021-3172
https://notcve.org/view.php?id=CVE-2021-3172
An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a Distributed Denial of Service via the Polling feature. • https://github.com/PHPFusion/PHPFusion/commit/7b8df6925cc7cfd8585d4f34d9120ff3a2e5753e https://github.com/PHPFusion/PHPFusion/issues/2351 •
CVE-2023-0568 – Array overrun in common path resolve code
https://notcve.org/view.php?id=CVE-2023-0568
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification. A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which might lead to unauthorized data access or modification. • https://bugs.php.net/bug.php?id=81746 https://security.netapp.com/advisory/ntap-20230517-0001 https://access.redhat.com/security/cve/CVE-2023-0568 https://bugzilla.redhat.com/show_bug.cgi?id=2170770 • CWE-131: Incorrect Calculation of Buffer Size CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2023-0662 – DoS vulnerability when parsing multipart request body
https://notcve.org/view.php?id=CVE-2023-0662
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space. A vulnerability was found in PHP. This security flaw occurs when the request body parsing in PHP allows any unauthenticated attacker to consume a large amount of CPU time and trigger excessive logging. A large amount of CPU time required for processing requests can block all available worker processes and significantly delay or slow the processing of legitimate user requests. • https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv https://security.netapp.com/advisory/ntap-20230517-0001 https://access.redhat.com/security/cve/CVE-2023-0662 https://bugzilla.redhat.com/show_bug.cgi?id=2170761 • CWE-400: Uncontrolled Resource Consumption CWE-779: Logging of Excessive Data •
CVE-2023-0567 – password_verify() always returns true for some invalid hashes
https://notcve.org/view.php?id=CVE-2023-0567
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. A vulnerability was found in PHP. This security flaw occurs when malformatted BCrypt hashes that include a $ within their salt part trigger a buffer overread and may erroneously validate any password as valid. • https://bugs.php.net/bug.php?id=81744 https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4 https://access.redhat.com/security/cve/CVE-2023-0567 https://bugzilla.redhat.com/show_bug.cgi?id=2170771 • CWE-328: Use of Weak Hash CWE-916: Use of Password Hash With Insufficient Computational Effort •
CVE-2021-36503
https://notcve.org/view.php?id=CVE-2021-36503
SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file. • https://github.com/Fanli2012/native-php-cms/issues/3 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •