A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide. PHP is a ...

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. Tracked as CVE-2024-4577, this PHP-CGI ...

A critical vulnerability in the PHP programming language can be trivially exploited to execute malicious code on Windows devices, security researchers warned as they urged those affected to take ...

CVE-2019-11043 is trivial to exploit — and a proof of concept is available. A buffer underflow bug in PHP could allow remote code-execution (RCE) on targeted NGINX servers. First discovered during a ...

ESET researchers discovered a code execution vulnerability in WPS Office for Windows (CVE⁠-⁠2024⁠-⁠7262), as it was being exploited by APT-C-60, a South Korea-aligned cyberespionage group. Upon ...

The RCE bugs impact PHP Everywhere, a utility for web developers to be able to use PHP code in pages, posts, the sidebar, or anywhere with a Gutenberg block – editor blocks in WordPress – on domains ...

The issue impacts several content management systems, including Typo3 and WordPress, as well as widely-used PDF generation library TCPDF. Researchers have created a proof-of-concept exploit that would ...

Microsoft has broken its own record for releasing CVEs in June's Patch Tuesday as the software giant has patched 129 vulnerabilities in Windows 10, Office, Microsoft Edge and its other software. This ...