CVEs-PoC/2019/CVE-2019-9020.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 02:45:46 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.

POC

Reference

https://hackerone.com/reports/477896
https://usn.ubuntu.com/3902-1/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/syadg123/pigat
https://github.com/teamssix/pigat

883 B Raw Blame History

CVE-2019-9020

Description

POC

Reference

Github

883 B

Raw Blame History