Lucene search
K

460 matches found

WPVulnDB
WPVulnDB
added 2023/03/21 12:0 a.m.28 views

User Registration < 2.3.3 - Subscriber+ PHP Object Injection

The plugin unserializes user input via the urgetuserextrafields and userregistrationformfield function, which could allow any authenticated users, such as subscriber to perform PHP Object Injection when a suitable gadget is present on the blog...

9.4AI score0.00611EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 7:57 p.m.30 views

K58581302: Archive_Tar vulnerabilities CVE-2020-28948 and CVE-2020-28949

Security Advisory Description CVE-2020-28948 ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28949 ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack...

7.8CVSS7.6AI score0.84554EPSS
Exploits5
F5 Networks
F5 Networks
added 2023/02/21 7:4 p.m.44 views

K05918709: PHP vulnerability CVE-2016-7479

Security Advisory Description In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. CVE-2016-7479 Impact There is no impact; F5...

9.8CVSS9.3AI score0.41943EPSS
Exploits1
Cvelist
Cvelist
added 2023/02/21 8:51 a.m.22 views

CVE-2023-0232 ShopLentor < 2.5.4 - PHP Object Injection

The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection...

9.7AI score0.03317EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2023/02/20 12:0 a.m.8 views

The vulnerability of the PHP framework Yii, related to the restoration of unreliable data structures in memory, allows attackers to execute arbitrary code.

The vulnerability of the PHP framework Yii is related to the restoration of unreliable data structures in memory. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

10CVSS7.9AI score0.01461EPSS
Exploits1References4Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.5 views

SUSE CVE-2014-3515

The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, relate...

7.5CVSS9.2AI score0.30128EPSS
Exploits4References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:23 a.m.1 views

SUSE CVE-2015-0231

Use-after-free vulnerability in the processnesteddata function in ext/standard/varunserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate...

7.5CVSS8.1AI score0.42593EPSS
Exploits5References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.6 views

SUSE CVE-2015-6831

Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving 1 ArrayObject, 2 SplObjectStorage, and 3 SplDoublyLinkedList, which are mishandled during unserialization...

7.3CVSS8.3AI score0.07057EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.5 views

SUSE CVE-2015-6834

Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to 1 the Serializable interface, 2 the SplObjectStorage class, and 3 the SplDoublyLinkedList class, which are mishandled...

9.8CVSS8.2AI score0.46801EPSS
Exploits4References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.2 views

SUSE CVE-2016-7411

ext/standard/varunserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via an unserialize call that references a partially constructed object...

9.8CVSS7.7AI score0.05649EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.5 views

SUSE CVE-2016-7417

ext/spl/splarray.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data...

9.8CVSS7.7AI score0.06842EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.4 views

SUSE CVE-2016-7479

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution...

9.8CVSS8.1AI score0.41943EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:41 a.m.4 views

SUSE CVE-2017-12934

ext/standard/varunserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zvalgettype function in Zend/zendtypes.h. Exploitation of this issue can have an unspecified impact on the integrity of PHP...

7.5CVSS9.7AI score0.03634EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.2 views

SUSE CVE-2018-1000888

PEAR ArchiveTar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the ArchiveTar class. There are several file operations with $vheader'filename' as parameter such as fileexists, isfile, isdir, etc. When extract is called without a specific prefix path, we can trigger...

8.8CVSS10AI score0.18286EPSS
Exploits5References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.4 views

SUSE CVE-2020-28948

ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...

7.8CVSS7AI score0.47493EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2023/01/31 12:0 a.m.6 views

PT-2023-1267 · Dompdf +1 · Dompdf +1

Name of the Vulnerable Software and Affected Versions: Dompdf version 2.0.1 Dompdf versions prior to 8.0.0 Description: The issue is related to the incorrect order of authorization checks before syntax analysis and canonization when processing tags with uppercase letters in SVG parsing. This can...

10CVSS9.7AI score0.03572EPSS
Exploits2References17
OSV
OSV
added 2023/01/30 9:15 p.m.4 views

CVE-2022-4680

The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2CVSS5.8AI score0.01046EPSS
Exploits2References1
NVD
NVD
added 2023/01/30 9:15 p.m.47 views

CVE-2022-4680

The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2CVSS7.1AI score0.01046EPSS
Exploits2References1
Prion
Prion
added 2023/01/30 9:15 p.m.18 views

Design/Logic Flaw

The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

5.8CVSS7.1AI score0.01046EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2023/01/23 3:15 p.m.31 views

CVE-2022-4323

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present...

7.2CVSS7.1AI score0.01046EPSS
Exploits2References1
Rows per page
Query Builder