Lucene search
K

4 matches found

Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-55809 Flag attendance field - Critical - PHP object injection - SA-CONTRIB-2026-049

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Flag attendance field allows Object Injection. This issue affects Flag attendance field versions: from 0.0.0 to 1.2...

0.003EPSS
Exploits0References1
CVE
CVE
added 5 days ago20 views

CVE-2026-55809

The CVE-2026-55809 issue affects the Drupal Flag attendance field module, with vulnerable versions 0.0.0 through 1.2. The root cause is improper control of modification of dynamically-determined object attributes, with data stored as PHP-serialized strings. If malicious data is written to the fie...

8.1CVSS6.1AI score0.003EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/17 6:39 p.m.6 views

DRUPAL-CONTRIB-2026-049

The Flag attendance field module gives you the ability to add attendance by depending on Flag module. flagattendancefield stores some data as PHP-serialized strings. In some situations, malicious data can be written directly to the field. This can lead to an object injection vulnerability when th...

8.1CVSS5.5AI score0.003EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.21 views

PT-2026-50611

Name of the Vulnerable Software and Affected Versions Flag attendance field versions 0.0.0 through 1.2 Description An Object Injection issue exists in the Flag attendance field module due to the improper control of modification of dynamically-determined object attributes. The module stores data a...

6.1AI score0.003EPSS
Exploits0References3
Rows per page
Query Builder