5 matches found
PT-2026-42100
The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in the STYXKEY-BOOST USER LOCATION cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present...
Geokit Rails Code Issue Vulnerability
Geokit Rails is an official open-source Geokit plugin for Rails/ActiveRecord. A security vulnerability exists in Geokit Rails versions prior to 2.5.0: a command injection caused by insecure YAML deserialization in the geolocation cookie, which can be exploited by an...
PT-2023-20532 · Unknown · Geokit-Rails
Name of the Vulnerable Software and Affected Versions: geokit-rails versions prior to 2.5.0
Description: The issue is related to Command Injection due to unsafe deserialization of YAML within the geo location cookie. This can be exploited remotely via a malicious cookie value, allowing an attacke...
Command Injection
Overview: Affected versions of this package are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geolocation' cookie. This issue can be exploited remotely via a malicious cookie value. Note: An attacker can use this vulnerability to execute commands on the host...
Yelp: Self-XSS via location cookie city field when getting suggestions for a new location
Hi, Only self-XSS, but thought I would report it anyway! I noticed the cookie "location" had some JSON in it, so I changed the city field to debugger, made sure it was encoded the same, then went to add a new location/change an existing location at https://www.yelp.com/profilelocation. Making sur...