Tapatalk Plugins PHP Object Injection Vulnerability

PHP object injection vulnerability in all Tapatalk plugins that can allow attackers to execute PHP code, perform SQL injection, or cause denial of service conditions. Tapatalk Plugins PHP Object Injection dH team discovered PHP Object Injection vulnerability in all Tapatalk plugins, which is allo...

Tapatalk Plugins PHP Object Injection

Advisory: Tapatalk Plugins PHP Object Injection dH team discovered PHP Object Injection vulnerability in all Tapatalk plugins, which is allow to attackers execute PHP code, SQL injection or Denial of Service. No authorization or some extra steps need, so vulnerability considered critical. Details...

IPBoard 3.x.x/3.4 Full Path Disclosure

IPBoard Full Path Disclosure Exploit: admin/upgrade/index.php?app=upgrade&s=&section=index&do=login Dork: intext:Community Forum Software by IP.Board Fix: Turn off displayerrors in php.ini 0day.today 2018-03-13...

Invision Power Board 3.3.4 Unserialize REGEX Bypass

?php / So this is the patch that sanitizes, static public function safeUnserialize $serialized // unserialize will return false for object declared with small cap o // as well as if there is any ws between O and : if isstring $serialized && strpos $serialized, "\0" === false if strpos $serialized...