CVE-2023-53944
- EPSS 0.23%
- Veröffentlicht 18.12.2025 19:53:36
- Zuletzt bearbeitet 26.12.2025 16:55:30
EasyPHP Webserver 14.1 contains a path traversal vulnerability that allows remote users with low privileges to access files outside the document root by bypassing SecurityManager restrictions. Attackers can send GET requests with encoded directory tr...
CVE-2023-53941
- EPSS 68.64%
- Veröffentlicht 18.12.2025 19:53:35
- Zuletzt bearbeitet 26.12.2025 16:55:17
EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads through the app_service_control parameter. Attackers can send POST reques...
CVE-2024-11215
- EPSS 0.11%
- Veröffentlicht 14.11.2024 14:15:18
- Zuletzt bearbeitet 07.01.2026 21:08:31
Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to bypass SecurityManager restrictions and retrieve any f...
CVE-2023-3767
- EPSS 0.79%
- Veröffentlicht 27.09.2023 15:18:56
- Zuletzt bearbeitet 21.11.2024 08:18:01
An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1. This vulnerability could allow an attacker to get full access to the system by sending a specially crafted exploit to the /index.php?zone=settings para...