Finding entry points Branch analysis from position: 0 2 jumps found. (Code = 77) Position 1 = 16, Position 2 = 54 Branch analysis from position: 16 2 jumps found. (Code = 78) Position 1 = 17, Position 2 = 54 Branch analysis from position: 17 1 jumps found. (Code = 42) Position 1 = 16 Branch analysis from position: 16 Branch analysis from position: 54 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 54 filename: /in/O3AbL function name: (null) number of ops: 56 compiled vars: !0 = $html, !1 = $doc, !2 = $xpath, !3 = $feed_items, !4 = $feed_item, !5 = $impact_node, !6 = $impact, !7 = $severity_node, !8 = $severity line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 3 0 E > ASSIGN !0, '%3Cul+class%3D%22newsfeed%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cli%3E%0A%09%09%09%09%09%09%09%09%09%09%09%3Cspan+class%3D%22feed-link%22%3E%0A%09%09%09%09%09%09%3Ca+href%3D%22https%3A%2F%2Ffeeds.joomla.org%2F%7Er%2FJoomlaSecurityNews%2F%7E3%2FGIZJHbqr1wQ%2F797-20191202-core-various-sql-injections-through-configuration-parameters.html%22+target%3D%22_blank%22%3E%0A%09%09%09%09%09%09%5B20191202%5D+-+Core+-+Various+SQL+injections+through+configuration+parameters%3C%2Fa%3E%3C%2Fspan%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3Cdiv+class%3D%22feed-item-date%22%3E%0A%09%09%09%09%09%09%0916+December+2019%09%09%09%09%09%09%3C%2Fdiv%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3Cdiv+class%3D%22feed-item-description%22%3E%0A%09%09%09%09%09%09%3Cul%3E%0A%3Cli%3E%3Cstrong%3EProject%3A%3C%2Fstrong%3E+Joomla%21%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ESubProject%3A%3C%2Fstrong%3E+CMS%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EImpact%3A%3C%2Fstrong%3E+%3Cspan+class%3D%22label+label-danger%22%3EHigh%3C%2Fspan%3E%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ESeverity%3A%3C%2Fstrong%3E+%3Cspan+class%3D%22label+label-info%22%3ELow%3C%2Fspan%3E%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EVersions%3A%3C%2Fstrong%3E+2.5.0+-+3.9.13%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EExploit+type%3A%3C%2Fstrong%3E%26nbsp%3BSQL%26nbsp%3Binjection%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EReported+Date%3A%3C%2Fstrong%3E+2019-December-01%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EFixed+Date%3A%3C%2Fstrong%3E+2019-December-17%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ECVE+Number%3A%3C%2Fstrong%3E+%3Ca+href%3D%22https%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2019-19846%22%3ECVE-2019-19846%3C%2Fa%3E%3C%2Fli%3E%0A%3C%2Ful%3E%0A%3Ch3%3EDescription%3C%2Fh3%3E%0A%3Cp%3EThe+lack+of+validation+of+configuration+parameters+used+in+SQL+queries+caused+various+SQL+injection+vectors.%3C%2Fp%3E%0A%3Ch3%3EAffected+Installs%3C%2Fh3%3E%0A%3Cp%3EJoomla%21+CMS+versions+2.5.0+-+3.9.13%3C%2Fp%3E%0A%3Ch3%3ESolution%3C%2Fh3%3E%0A%3Cp%3EUpgrade+to+version+3.9.14%3C%2Fp%3E%0A%3Ch3%3EContact%3C%2Fh3%3E%0A%3Cp%3EThe+JSST+at+the+%3Ca+title%3D%22Contact+the+JSST%22+href%3D%22https%3A%2F%2Fdeveloper.joomla.org%2Fsecurity-centre.html%22%3EJoomla%21+Security+Centre%3C%2Fa%3E.%3C%2Fp%3E%0A%3Cdiv+class%3D%22alert+alert-info%22%3E%3Cstrong%3EReported+By%3A%26nbsp%3B%3C%2Fstrong%3Eka1n4t%3C%2Fdiv%3E%3Cdiv+class%3D%22feedflare%22%3E%0A%3Ca+href%3D%22https%3A%2F%2Ffeeds.joomla.org%2F%7Eff%2FJoomlaSecurityNews%3Fa%3DGIZJHbqr1wQ%3AmKZamezlv3g%3AyIl2AUoC8zA%22%3E%3C%2Fa%3E%0A%3C%2Fdiv%3E%09%09%09%09%09%09%3C%2Fdiv%3E%0A%09%09%09%09%09%09%09%09%09%3C%2Fli%3E%0A%09%09%09%09%09%09%09%09%09%3Cli%3E%0A%09%09%09%09%09%09%09%09%09%09%09%3Cspan+class%3D%22feed-link%22%3E%0A%09%09%09%09%09%09%3Ca+href%3D%22https%3A%2F%2Ffeeds.joomla.org%2F%7Er%2FJoomlaSecurityNews%2F%7E3%2F_fWsZ57Sw7g%2F796-20191201-core-path-disclosure-in-framework-files.html%22+target%3D%22_blank%22%3E%0A%09%09%09%09%09%09%5B20191201%5D+-+Core+-+Path+Disclosure+in+framework+files%3C%2Fa%3E%3C%2Fspan%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3Cdiv+class%3D%22feed-item-date%22%3E%0A%09%09%09%09%09%09%0916+December+2019%09%09%09%09%09%09%3C%2Fdiv%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3Cdiv+class%3D%22feed-item-description%22%3E%0A%09%09%09%09%09%09%3Cul%3E%0A%3Cli%3E%3Cstrong%3EProject%3A%3C%2Fstrong%3E+Joomla%21%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ESubProject%3A%3C%2Fstrong%3E+CMS%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EImpact%3A%3C%2Fstrong%3E%26nbsp%3BLow%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ESeverity%3A%3C%2Fstrong%3E+%3Cspan+class%3D%22label+label-info%22%3ELow%3C%2Fspan%3E%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EVersions%3A%3C%2Fstrong%3E+3.8.0+-+3.9.13%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EExploit+type%3A%3C%2Fstrong%3E+Path+Disclosure%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EReported+Date%3A%3C%2Fstrong%3E+2019-November-22%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EFixed+Date%3A%3C%2Fstrong%3E+2019-December-17%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ECVE+Number%3A%3C%2Fstrong%3E+%3Ca+href%3D%22https%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2019-19845%22%3ECVE-2019-19845%3C%2Fa%3E%3C%2Fli%3E%0A%3C%2Ful%3E%0A%3Ch3%3EDescription%3C%2Fh3%3E%0A%3Cp%3EMissing+access+check+in+framework+files+could+lead+to+a+path+disclosure.%3C%2Fp%3E%0A%3Ch3%3EAffected+Installs%3C%2Fh3%3E%0A%3Cp%3EJoomla%21+CMS+versions+3.8.0+-+3.9.13%3C%2Fp%3E%0A%3Ch3%3ESolution%3C%2Fh3%3E%0A%3Cp%3EUpgrade+to+version+3.9.14%3C%2Fp%3E%0A%3Ch3%3EContact%3C%2Fh3%3E%0A%3Cp%3EThe+JSST+at+the+%3Ca+title%3D%22Contact+the+JSST%22+href%3D%22https%3A%2F%2Fdeveloper.joomla.org%2Fsecurity-centre.html%22%3EJoomla%21+Security+Centre%3C%2Fa%3E.%3C%2Fp%3E%0A%3Cdiv+class%3D%22alert+alert-info%22%3E%3Cstrong%3EReported+By%3A%26nbsp%3B%3C%2Fstrong%3ELee+Thao%2C+Viettel+Cyber+Security%3C%2Fdiv%3E%3Cdiv+class%3D%22feedflare%22%3E%0A%3Ca+href%3D%22https%3A%2F%2Ffeeds.joomla.org%2F%7Eff%2FJoomlaSecurityNews%3Fa%3D_fWsZ57Sw7g%3AuVTwWaDiNQ0%3AyIl2AUoC8zA%22%3E%3C%2Fa%3E%0A%3C%2Fdiv%3E%09%09%09%09%09%09%3C%2Fdiv%3E%0A%09%09%09%09%09%09%09%09%09%3C%2Fli%3E%0A%09%09%09%09%09%09%09%09%09%3Cli%3E%0A%09%09%09%09%09%09%09%09%09%09%09%3Cspan+class%3D%22feed-link%22%3E%0A%09%09%09%09%09%09%3Ca+href%3D%22https%3A%2F%2Ffeeds.joomla.org%2F%7Er%2FJoomlaSecurityNews%2F%7E3%2FZi-lVuM4KoY%2F795-20191002-core-path-disclosure-in-phpuft8-mapping-files.html%22+target%3D%22_blank%22%3E%0A%09%09%09%09%09%09%5B20191002%5D+-+Core+-+Path+Disclosure+in+phpuft8+mapping+files%3C%2Fa%3E%3C%2Fspan%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3Cdiv+class%3D%22feed-item-date%22%3E%0A%09%09%09%09%09%09%0905+November+2019%09%09%09%09%09%09%3C%2Fdiv%3E%0A%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%09%3Cdiv+class%3D%22feed-item-description%22%3E%0A%09%09%09%09%09%09%3Cul%3E%0A%3Cli%3E%3Cstrong%3EProject%3A%3C%2Fstrong%3E+Joomla%21%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ESubProject%3A%3C%2Fstrong%3E+CMS%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EImpact%3A%3C%2Fstrong%3E%26nbsp%3BLow%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ESeverity%3A%3C%2Fstrong%3E+%3Cspan+class%3D%22label+label-info%22%3ELow%3C%2Fspan%3E%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EVersions%3A%3C%2Fstrong%3E+3.6.0+-+3.9.12%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EExploit+type%3A%3C%2Fstrong%3E+Path+Disclosure%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EReported+Date%3A%3C%2Fstrong%3E+2019-November-01%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EFixed+Date%3A%3C%2Fstrong%3E+2019-November-05%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ECVE+Number%3A%3C%2Fstrong%3E+%3Ca+href%3D%22https%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2019-18674%22%3ECVE-2019-18674%3C%2Fa%3E%3C%2Fli%3E%0A%3C%2Ful%3E%0A%3Ch3%3EDescription%3C%2Fh3%3E%0A%3Cp%3EMissing+access+check+in+the+phputf8+mapping+files+could+lead+to+an+path+disclosure.%3C%2Fp%3E%0A%3Ch3%3EAffected+Installs%3C%2Fh3%3E%0A%3Cp%3EJoomla%21+CMS+versions+3.6.0+-+3.9.12%3C%2Fp%3E%0A%3Ch3%3ESolution%3C%2Fh3%3E%0A%3Cp%3EUpgrade+to+version+3.9.13%3C%2Fp%3E%0A%3Ch3%3EContact%3C%2Fh3%3E%0A%3Cp%3EThe+JSST+at+the+%3Ca+title%3D%22Contact+the+JSST%22+href%3D%22https%3A%2F%2Fdeveloper.joomla.org%2Fsecurity-centre.html%22%3EJoomla%21+Security+Centre%3C%2Fa%3E.%3C%2Fp%3E%0A%3Cdiv+class%3D%22alert+alert-info%22%3E%3Cstrong%3EReported+By%3A%26nbsp%3B%3C%2Fstrong%3EPhil+Taylor%3C%2Fdiv%3E%3Cdiv+class%3D%22feedflare%22%3E%0A%3Ca+href%3D%22https%3A%2F%2Ffeeds.joomla.org%2F%7Eff%2FJoomlaSecurityNews%3Fa%3DZi-lVuM4KoY%3AeFsJw4QiCW0%3AyIl2AUoC8zA%22%3E%3C%2Fa%3E%0A%3C%2Fdiv%3E%09%09%09%09%09%09%3C%2Fdiv%3E%0A%09%09%09%09%09%09%09%09%09%3C%2Fli%3E%0A%09%09%09%09%3C%2Ful%3E' 96 1 NEW $10 'DOMDocument' 2 DO_FCALL 0 3 ASSIGN !1, $10 97 4 INIT_METHOD_CALL !1, 'loadHTML' 5 SEND_VAR_EX !0 6 DO_FCALL 0 98 7 NEW $14 'DOMXPath' 8 SEND_VAR_EX !1 9 DO_FCALL 0 10 ASSIGN !2, $14 99 11 INIT_METHOD_CALL !2, 'query' 12 SEND_VAL_EX '%2F%2Fdiv%5Bcontains%28%40class%2C+%22feed-item-description%22%29%5D' 13 DO_FCALL 0 $17 14 ASSIGN !3, $17 100 15 > FE_RESET_R $19 !3, ->54 16 > > FE_FETCH_R $19, !4, ->54 101 17 > INIT_METHOD_CALL !2, 'query' 18 SEND_VAL_EX '%2A%2Fli%5Bcontains%28string%28%29%2C+%22Impact%3A%22%29%5D' 19 SEND_VAR_EX !4 20 DO_FCALL 0 $20 21 ASSIGN !5, $20 102 22 INIT_FCALL 'preg_replace' 23 SEND_VAL '%2FImpact%3A%5CW%2A%2F' 24 SEND_VAL '' 25 INIT_METHOD_CALL !5, 'item' 26 SEND_VAL_EX 0 27 DO_FCALL 0 $22 28 FETCH_OBJ_R ~23 $22, 'textContent' 29 SEND_VAL ~23 30 DO_ICALL $24 31 ASSIGN !6, $24 103 32 CONCAT ~26 'Impact%3A+', !6 33 CONCAT ~27 ~26, '%0A' 34 ECHO ~27 104 35 INIT_METHOD_CALL !2, 'query' 36 SEND_VAL_EX '%2A%2Fli%5Bcontains%28string%28%29%2C+%22Severity%3A%22%29%5D' 37 SEND_VAR_EX !4 38 DO_FCALL 0 $28 39 ASSIGN !7, $28 105 40 INIT_FCALL 'preg_replace' 41 SEND_VAL '%2FSeverity%3A%5CW%2A%2Fu' 42 SEND_VAL '' 43 INIT_METHOD_CALL !7, 'item' 44 SEND_VAL_EX 0 45 DO_FCALL 0 $30 46 FETCH_OBJ_R ~31 $30, 'textContent' 47 SEND_VAL ~31 48 DO_ICALL $32 49 ASSIGN !8, $32 106 50 CONCAT ~34 'Severity%3A+', !8 51 CONCAT ~35 ~34, '%0A' 52 ECHO ~35 100 53 > JMP ->16 54 > FE_FREE $19 107 55 > RETURN 1
Generated using Vulcan Logic Dumper, using php 8.0.0