8067 matches found
Yet Another Stars Rating <= 1.8.6 - PHP Object Injection
An unauthenticated PHP object injection in the "Yasr – Yet Another Stars Rating" WordPress plugin introduces a starting point for RCE and similar high-severity vulnerabilities. As of 27.01.2019, the plugin has over 20.000 active installations and roughly 500.000 downloads. A shortcode provid...
Magento Multiple Vulnerabilities (Nov 2018)
Magento is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:magentocommerce:magento"; if...
Object Injection
drupal/core is vulnerable to object injection. The vulnerability is possible because it does not properly use the third-party PEAR Archive_Tar library, leading to a vulnerability similar to CVE-2018-1000888...
Object Injection in extension "mkmailer" (mkmailer)
It was discovered that the included 3rd-party library PHPMailer is prone to a PHP object injection vulnerability, potentially allowing a remote attacker to execute arbitrary code...
Pydio Core <= 8.2.1 PHP Object Injection Vulnerability
Pydio Core is prone to a PHP object injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:pydio:pydio"; if...
WordPress WooCommerce Plugin Privilege Escalation Vulnerability - Windows
The WooCommerce Plugin for WordPress is prone to a privilege escalation vulnerability. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right...
WordPress WooCommerce Plugin < 3.2.4 Privilege Escalation Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if (description) script_oid("1.3.6.1.4.1.25623.1.0.112486");...
CVE-2017-18356
In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker then constructs a specifically crafted string that will turn into a PHP object injection...
Code injection
In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a user is allowed to use the $phpserial$a:0: syntax to store a preference. An attacker either needs a "public link" of a file, or access to any unprivileged user account for creation of such a link...
CVE-2018-20718
In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a user is allowed to use the $phpserial$a:0: syntax to store a preference. An attacker either needs a "public link" of a file, or access to any unprivileged user account for creation of such a link...
Remote code execution
In the orders section of PrestaShop before 1.7.2.5, an attack is possible after gaining access to a target store with a user role with the rights of at least a Salesman or higher privileges. The attacker can then inject arbitrary PHP objects into the process and abuse an object chain in order to...
Design/Logic Flaw
In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker then constructs a specifically crafted string that will turn into a PHP object injection...
CVE-2018-20718
In Pydio Core before 8.2.2, a PHP Object Injection vulnerability exists via the $phpserial$a:0:{} syntax used when storing a user preference. An attacker requires either a public link to a file or access to an unprivileged user account to create such a link. The issue is rated CRITICAL (CVSSv3: 9...
CVE-2017-18356
Summary: CVE-2017-18356 affects the WordPress WooCommerce plugin prior to 3.2.4. The issue is a PHP object injection in WC_Shortcode_Products::get_products() triggered via crafted strings in shortcodes, enabled after an attacker with at least Shop Manager privileges gains access to the target sit...
Denial Of Service (DoS) Memory Consumption, Arbitrary Code Execution And Object-injection Attacks
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a...
PT-2019-8296 · Automattic · Woocommerce
Name of the Vulnerable Software and Affected Versions: WooCommerce plugin versions prior to 3.2.4 Description: The issue allows an attack after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker constructs a specifically crafted string th...
PEAR Archive_Tar < 1.4.4 - PHP Object Injection Vulnerability
Exploit for PHP platform in category web applications. PEAR Archive_Tar: _temp_tarname will be called in the destructor method. If another class with a useful gadget is loaded, remote code execution may be possible. Steps to reproduce object injection and arbitrary file deletion: 1. Make sure that PHP &...