phpxmlrpc/phpxmlrpc Security Advisories for 4.7.1 (5)
-
[MEDIUM] XML-RPC for PHP allows access to local files via malicious argument to the Client::send method
PKSA-r5ck-vvx8-rnw9 GHSA-m95x-m25c-w9mp
Affected version: <4.9.0
Reported by:
GitHub -
[MEDIUM] XML-RPC for PHP's `Wrapper::buildClientWrapperCode` method allows code injection via malicious `$client` argument
PKSA-pff1-8v8x-9rx5 GHSA-7vcx-v65q-9wpg
Affected version: <4.9.0
Reported by:
GitHub -
[MEDIUM] XML-RPC for PHP's debugger vulnerable to possible XSS attack
PKSA-c5zt-z1yj-857c GHSA-pxqj-xrv5-qvjf
Affected version: <4.9.2
Reported by:
GitHub -
[HIGH] local file access in `Client:send` via manipulation of `$protocol` argument
PKSA-qbxp-nvx8-17hx GHSA-3fgr-xjr6-xqm8
Affected version: <4.9.0
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] code injection in `Wrapper::buildClientWrapperCode` via manipulation of the `$client` argument
PKSA-tk5q-fn3c-7qhz GHSA-q7qq-9gx2-ggxv
Affected version: <4.9.0
Reported by:
GitHub, FriendsOfPHP/security-advisories