Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-3919

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.07315EPSS
Exploits3References6
OSV
OSV
added 2022/05/17 4:46 a.m.21 views

GHSA-G7PJ-3V97-3VXP Pimcore Vulnerable to PHP Object Injection Attacks

The getObjectByToken function in Newsletter.php in the PimcoreToolNewsletter module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via...

9.3CVSS7.6AI score0.07315EPSS
Exploits3References7
NVD
NVD
added 2014/04/21 10:55 p.m.22 views

CVE-2014-2921

The getObjectByToken function in Newsletter.php in the PimcoreToolNewsletter module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via...

7.5CVSS7.8AI score0.07315EPSS
Exploits3References3
Prion
Prion
added 2014/04/21 10:55 p.m.18 views

Design/Logic Flaw

The getObjectByToken function in Newsletter.php in the PimcoreToolNewsletter module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via...

7.5CVSS8.4AI score0.07315EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2014/04/21 10:0 p.m.31 views

CVE-2014-2921

The getObjectByToken function in Newsletter.php in the PimcoreToolNewsletter module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via...

7.7AI score0.07315EPSS
Exploits3References3
Rows per page
Query Builder