CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an imported file, which could lead to PHP object injection issues when an admin imports intentionally or not a malicious file and a suitable gadget chain is present on the blog...

7.2CVSS7.1AI score0.01126EPSS

Exploits1References1

Prion•added 2019/04/04 6:29 p.m.•18 views

Design/Logic Flaw

An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to...

6.5CVSS8.4AI score0.69356EPSS

Exploits5References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by