Red Hat Security Advisory 2015-1053-01 – PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to upstream version 5.5.21, which provides multiple bug fixes over the version shipped in Red Hat Software Collections 1.
Monthly Archives: June 2015
ProductCart 2.1 Database Disclosure
ProductCart version 2.1 suffers from a database disclosure vulnerability.
pppBLOG 0.3.11 Cross Site Scripting / Access Bypass
pppBLOG version 0.3.11 suffers from access bypass and cross site scripting vulnerabilities.
Open Letters Newsletter 1.0.5 XSS / Administrative Bypass
Open Letters Newsletter system version 1.0.5 suffers from administrative bypass and cross site scripting vulnerabilities. Note that this finding houses site-specific data.
Maian Gallery 2.0 SQL Injection / Header Injection
Maian Gallery version 2.0 suffers from remote SQL injection and HTTP response splitting vulnerabilities.
CmyDocument CMS Database Disclosure
CmyDocument CMS suffers from a database disclosure vulnerability.
Chmool Net 2 SQL Injection / Unauthenticated Administrative Access
Chmool Net version 2 suffers from direct unauthenticated administrative interface access and remote SQL injection vulnerabilities.
Chmool Net 1 Unauthenticated Administrative Access
Chmool Net version 1 suffers from a direct unauthenticated administrative interface access vulnerability.
AnimaGallery 2.6 LFI / XSS / File Upload
AnimaGallery version 2.6 suffers from cross site scripting, local file inclusion, and remote shell upload vulnerabilities.
Gargoyle 1.5.x Command Execution
Gargoyle routers version 1.5.x suffer from an authenticated remote code execution vulnerability.