Tag: PHP
The issue impacts several content management systems, including Typo3 and WordPress, as well as the widely used PDF generation library TCPDF.
Researchers at SEC Consult disclosed a command injection vulnerability in Ubiquiti Networks gear for ISPs after a private disclosure to the vendor in November went unresolved.
WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability.
Critical remote code execution vulnerabilities in PHPMailer and SwiftMailer, libraries used to send emails via PHP, were patched this week.
A PHP vulnerability that exposed adult website PornHub’s user data to hackers and allowed for code execution on servers hosting the site earned a trio of German researchers $22,000 as part of a bug bounty program. PHP patched the vulnerability in June. The flaw is tied to a use-after-free memory corruption bug that takes place when...
29 July 2015 - 13:18, in Vulnerabilities
It’s recently been discovered that the PHP File Manager user database in the file ‘/db/valid.users’ is completely unprotected and can be freely downloaded via any web browser. Password hashes stored in the user database are unsalted and are generated via the deprecated MD5 hash algorithm. Most of these hashes can be instantly reverted back to their original...