The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected system.
PHP 7.2 prior to 7.2.10
PHP 7.1 prior to 7.1.22
PHP 7.0 prior to 7.0.32
PHP 5.6 prior to 5.6.38
CERT Bulgaria encourages users and administrators to review MS-ISAC Advisory 2018-101 and the PHP Downloads page and apply the necessary updates.