8099 matches found
WordPress Kids Heaven theme <= 3.2 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Kids Heaven versions = 3.2...
WordPress Consult Aid theme <= 1.4.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Consult Aid versions = 1.4.3...
WordPress JupiterX Core plugin <= 4.10.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin JupiterX Core versions = 4.10.1...
CVE-2025-69276
Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier...
CVE-2025-69276
Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier...
CVE-2025-69276
The CVE-2025-69276 entry concerns Broadcom DX NetOps Spectrum (Windows and Linux) with deserialization of untrusted data leading to object injection. Affected versions are 24.3.13 and earlier. Root cause is insecure deserialization of untrusted input. The vulnerability could allow object injectio...
CVE-2025-69276 Spectrum insecure deserialiation
Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier...
PT-2026-1951
Name of the Vulnerable Software and Affected Versions Broadcom DX NetOps Spectrum versions 24.3.13 and earlier Description A flaw exists in Broadcom DX NetOps Spectrum on Windows and Linux that allows for Object Injection due to deserialization of untrusted data. This issue impacts the software’s...
Broadcom DX NetOps Spectrum 安全漏洞
Broadcom DX NetOps Spectrum is a network fault management and condition monitoring platform from Broadcom Corporation USA. A security vulnerability exists in Broadcom DX NetOps Spectrum versions 24.3.13 and earlier, which stems from deserializing untrustworthy data and could lead to object...
CVE-2025-67911
Deserialization of Untrusted Data vulnerability in Tribulant Software Newsletters newsletters-lite allows Object Injection.This issue affects Newsletters: from n/a through = 4.11...
Realworld-for-Application_FUGIO_FirstFrameworkFuzzingDetectPOI
FUGIO Production Guide Introduction FUGIO is the firs...
CVE-2023-4971
The Weaver Xtreme Theme Support WordPress plugin before 6.3.1 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import a malicious file and a suitable gadget chain is present on the blog...
CVE-2018-10085
CMS Made Simple CMSMS through 2.2.6 allows PHP object injection because of an unserialize call in the getdata function of \lib\classes\internal\class.LoginOperations.php. By sending a crafted cookie, a remote attacker can upload and execute code, or delete files...
CVE-2018-1000059
ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose file contents in file system...
CVE-2016-10753
e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php uses unserialize without an HMAC...
CVE-2017-18583
The post-pay-counter plugin before 2.731 for WordPress has PHP Object Injection...
CVE-2017-18604
The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via an AJAX request...
CVE-2017-18605
The gravitate-qa-tracker plugin through 1.2.1 for WordPress has PHP Object Injection...
CVE-2019-20452
A problem was found in Pydio Core before 8.2.4 and Pydio Enterprise before 8.2.4. A PHP object injection is present in the page plugins/core.access/src/RecycleBinManager.php. An authenticated user with basic privileges can inject objects and achieve remote code execution...
CVE-2019-20453
A problem was found in Pydio Core before 8.2.4 and Pydio Enterprise before 8.2.4. A PHP object injection is present in the page plugins/uploader.http/HttpDownload.php. An authenticated user with basic privileges can inject objects and achieve remote code execution...