2 matches found
CVE-2024-10936 String Locator <= 2.6.6 - Unauthenticated PHP Object Injection
The String locator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.6 via deserialization of untrusted input in the 'recursiveunserializereplace' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP...
solaris7.ff.core.txt
Date: Wed, 7 Apr 1999 22:11:03 -0700 From: Russell Van Tassell To: [email protected] Subject: Solaris7 and ff.core Forgive me as I just started playing with Solaris 7 and don't recall seeing this yet posted to Bugtraq. It would appear as though an old bug with the OpenWeirdos File Mangler has...