7 matches found
VulnCheck KEV: CVE-2020-24914
A PHP object injection bug in profile.php in qcubed all versions including 3.1.1 unserializes the untrusted data of the POST-variable "strProfileData" and allows an unauthenticated attacker to execute code via a crafted POST request...
Qcubed Remote Code Execution (CVE-2020-24914)
A remote code execution vulnerability exists in Qcubed. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
QCubed 3.1.1 PHP Object Injection Vulnerability
QCubed PHP Object Injection =========================== | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24914 | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technolog...
QCubed 3.1.1 PHP Object Injection
QCubed PHP Object Injection =========================== | Identifier: | AIT-SA-20210215-01 | | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24914 | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagne...
CVE-2020-24914
creationtimestamp| type| source ---|---|--- 2021-03-04 16:46:31+00:00| seen| https://t.me/cibsecurity/24445 2024-04-25 21:02:24+00:00| seen| https://t.me/arpsyndicate/4863 2024-12-27 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-27 2025-01-26...
CVE-2020-24914
A PHP object injection bug in profile.php in qcubed all versions including 3.1.1 unserializes the untrusted data of the POST-variable "strProfileData" and allows an unauthenticated attacker to execute code via a crafted POST request...
CVE-2020-24914
Summary: QCubed PHP object injection in profile.php (affecting all versions including 3.1.1) enables unauthenticated remote code execution by unserializing the POST variable “strProfileData.” The issue stems from PHP object injection in qcubed and is rated CRITICAL (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/...