61 matches found
EUVD-2006-7220
Malware in sbrugna...
EUVD-2021-23354
Malware in sbrugna...
EUVD-2006-4469
Malware in sbrugna...
EUVD-2025-20784
Malicious code in bioql PyPI...
CVE-2025-6742
Mode C: CVE-2025-6742 affects the WordPress plugin SureForms – Drag and Drop Form Builder for WordPress up to version 1.7.3. The root cause is use of file_exists() in delete_entry_files() with no path restriction, enabling unauthenticated PHP Object Injection. The report notes that no known POP c...
GHSA-6PJM-HMVF-H4RR image-optimizer allows PHAR deserialization
image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to fileexists...
CVE-2024-34515
image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to fileexists...
CVE-2024-34515
image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to fileexists...
CVE-2024-34515
image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to fileexists...
CVE-2024-34515
image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to fileexists...
CVE-2024-34515
CVE-2024-34515 affects the image-optimizer package prior to 1.7.3. The vulnerability stems from PHAR deserialization via the phar:// protocol in arguments to file_exists(), enabling deserialization of untrusted data and, per multiple sources, potential remote code execution. Affected versions are...
Deserialization of Untrusted Data in timber/timber
Summary Timber is vulnerable to PHAR deserialization due to a lack of checking the input before passing it into the fileexists function. If an attacker can upload files of any type to the server, he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP...
Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE
Summary A lack of sanitization/check in the font path returned by php-svg-lib, in the case of a inline CSS font defined, that will be used by Cpdf to open a font will be passed to a fileexists call, which is sufficient to trigger metadata unserializing on a PHAR file, through the phar:// URL...
GHSA-3Q76-JQ6M-573P Archive_Tar contains Potential RCE if filename starts with phar://
PEAR ArchiveTar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the ArchiveTar class. There are several file operations with $vheader'filename' as parameter such as fileexists, isfile, isdir, etc. When extract is called without a specific prefix path, we can trigger...
Jetpack CRM < 5.4.0 - PHAR Deserialisation via CSRF
The plugin does not have CSRF proper check in step 2 and 3 of the zeroBSCRMCSVImporterLitehtmlapp function, which then call fileexists on user input, which could allow unauthenticated users to perform PHAR Deserialisation attacks if they can upload a malicious file using a gadget chain, and then...
Deserialization of untrusted data
Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any...
PHAR deserialization allowing remote code execution
Description snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitra...
SUSE CVE-2006-4481
The 1 fileexists and 2 imapreopen functions in PHP before 5.1.5 do not check for the safemode and openbasedir settings, which allows local users to bypass the settings. NOTE: the errorlog function is covered by CVE-2006-3011, and the imapopen function is covered by CVE-2006-1017...
CVE-2021-36766
Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the controllers/singlepage/dashboard/system/environment/logging.php Logging::updatelogging method. User input passed through the logFile request parameter is not properly sanitized before being used in a ca...
CVE-2019-12868
app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP fileexists function is used with user-controlled entries, and phar:// URLs trigger deserialization...