CVE-2026-8612

WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution. With no explicit cache backend, WWW::Mechanize::Cached constructs a default Cache::FileCache under /tmp/FileCache without...

CVE-2026-8612

WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution. With no explicit cache backend, WWW::Mechanize::Cached constructs a default Cache::FileCache under /tmp/FileCache without...

EUVD-2026-30495

WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution. With no explicit cache backend, WWW::Mechanize::Cached constructs a default Cache::FileCache under /tmp/FileCache without...

CVE-2026-8612

WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution. With no explicit cache backend, WWW::Mechanize::Cached constructs a default Cache::FileCache under /tmp/FileCache without...

WWW::Mechanize::Cached 代码问题漏洞

WWW::Mechanize::Cached is an open-source module developed by libwww-perl for the Perl language, serving as an extension to WWW::Mechanize. Versions of WWW::Mechanize::Cached prior to version 2.00 contained code vulnerabilities. These vulnerabilities stemmed from the ability to deserialize HTTP...

PT-2026-41236

WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution. With no explicit cache backend, WWW::Mechanize::Cached constructs a default Cache::FileCache under /tmp/FileCache without...

CVE-2014-125112

A vulnerability was identified in Plack::Middleware::Session::Cookie when session data is deserialized from cookies using Storable::thaw. If the secret parameter is not configured or is compromised, an attacker can craft a malicious session cookie containing serialized objects. Because...

EUVD-2012-6004

Malware in sbrugna...

EUVD-2012-6002

Malware in sbrugna...

EUVD-2012-6003

Malware in sbrugna...

UBUNTU-CVE-2013-2184

Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the commentstate parameter...

CVE-2013-2184

Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the commentstate parameter...

CVE-2013-2184

CVE-2013-2184 affects Movable Type before 5.2.6. The vulnerability arises from unsafe use of Storable::thaw when handling comments to blog posts, enabling remote code execution via the comment_state parameter. Multiple connected sources confirm a remote arbitrary-code execution risk and reference...

CVE-2013-2184

Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the commentstate parameter...

Debian DSA-3183-1 : movabletype-opensource - security update

Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-2184 Unsafe use of Storable::thaw in the handling of comments to blog posts could allow remote attackers to include and...

[SECURITY] [DSA 3183-1] movabletype-opensource security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3183-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 12, 2015 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3183-1 (movabletype-opensource - security update)

Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-2184 Unsafe use of Storable::thaw in the handling of comments to blog posts could allow remote attackers to include and...

Debian: Security Advisory (DSA-3183-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-1592

Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors...

Code injection

Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors...