CVE-2023-3824 - Understanding the PHP Phar File Stack Buffer Overflow Vulnerability
PHP powers a big part of the web and is used by millions of websites and applications. But even popular software isn’t immune to
CVE-2023-3823 - The Hidden Risks in PHP’s XML Functions – How Leaky Global State Led to File Disclosure
In mid-2023, security researchers uncovered a subtle yet severe vulnerability in PHP, affecting versions 8. (before 8..30), 8.1 (before 8.1.22), and
CVE-2023-39008 - Command Injection in OPNsense /api/cron/settings/setJob/ — How Attackers Can Execute System Commands
In July 2023, security researchers uncovered a significant vulnerability in OPNsense — the open-source firewall and routing platform widely used in both professional and home environments.
CVE-2023-39002 - Breaking Down the OPNsense 23.7 XSS Vulnerability in `system_certmanager.php` (with PoC)
CVE-2023-39002 is a recently discovered cross-site scripting (XSS) vulnerability in OPNsense’s system_certmanager.php script. Affecting versions before 23.7, this security issue lets
CVE-2023-38998 - Open Redirect in OPNsense <23.7 — What It Means and How Attackers Can Exploit It
Security vulnerabilities can sometimes seem complicated, but some are dangerously simple. CVE-2023-38998 is a perfect example. Found in the OPNsense firewall before version 23.7,