8069 matches found
Code injection
PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code...
CVE-2020-24914
Summary: QCubed PHP object injection in profile.php (affecting all versions including 3.1.1) enables unauthenticated remote code execution by unserializing the POST variable “strProfileData.” The issue stems from PHP object injection in qcubed and is rated CRITICAL (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/...
CVE-2020-24036
PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code...
CVE-2020-24036
ForkCMS prior to version 5.8.3 is affected by PHP object injection via the backend Ajax endpoint. The vulnerability allows an authenticated remote user to inject PHP objects through unserialize calls in the Ajax handlers, enabling remote code execution. The issue is specific to ForkCMS’s backend ...
Fork ForkCMS 安全漏洞
ForkCMS is an open source content management system CMS written in PHP. A PHP object injection vulnerability exists in the back-end Ajax endpoint of ForkCMS versions prior to 5.8.3. A remote authenticated attacker can exploit this vulnerability to execute malicious code...
PT-2021-11086 · Qcubed · Qcubed
Name of the Vulnerable Software and Affected Versions: qcubed versions 3.1.1 and earlier Description: A PHP object injection bug in profile.php unserializes the untrusted data of the strProfileData POST-variable, allowing an unauthenticated attacker to execute code via a crafted POST request...
CVE-2021-25294
OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an destruct magic metho...
CVE-2021-25294
OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an destruct magic metho...
Remote code execution
OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an destruct magic metho...
CVE-2021-25294
OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an destruct magic metho...
Modal Survey < 2.0.1.8.2 - Authenticated PHP Object Injection
The Unserialize function is used multiple times in the code, for example when importing custom surveys. This could allow a malicious administrator to import a crafted JSON to trigger a PHP Object Injection vulnerability PoC "name":"Open Text Answer Sample", "id":"924478511", "options":"",...
Modal Survey < 2.0.1.8.2 - Authenticated PHP Object Injection
The Unserialize function is used multiple times in the code, for example when importing custom surveys. This could allow a malicious administrator to import a crafted JSON to trigger a PHP Object Injection vulnerability "name":"Open Text Answer Sample", "id":"924478511", "options":"", "global":"0...
WordPress Post Grid plugin PHP object injection vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. A PHP object injection vulnerability exists in the Post Grid plugin for WordPress versions prior to 2.0.73. The vulnerability stems from unsafe deserialization of certain data in parameters. An...
qdPM PHP Object Injection Vulnerability
qdPM is a free Web-based open source project management tool , written in symfony framework for small teams . qdPM 9.1 and earlier versions have PHP object injection vulnerabilities. An attacker can exploit this vulnerability by using timeReportActions::executeExport in...
CVE-2020-35938
PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be...
CVE-2020-35932
Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated remote attackers with minimal privileges such as subscribers to use the tpncrender AJAX action to inject arbitrary PHP objects via the optionsinlineedits parameter. NOTE: exploitability depends on PH...
CVE-2020-35939
PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action mus...
CVE-2020-35939
PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action mus...
CVE-2020-35938
PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be...
Design/Logic Flaw
PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be...