15 matches found

RedhatCVE (added 2025/05/23 7:38 a.m.)

CVE-2024-31211

WordPress is an open publishing platform for the Web. Unserialization of instances of the WP_HTML_Token class allows for code execution via its __destruct magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to 6.4.0 are not affected...

CVSS 5.5 | AI score 7.2 | EPSS 0.39711 | Exploits 1 | References 1
RedHat Linux (added 2025/05/13 5:18 p.m.)

php: Reference counting in php_request_shutdown causes Use-After-Free

A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the __set magic method or the null coalescing assignment ??= operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...

CVSS 9.2 | AI score 6.4 | EPSS 0.00569 | Exploits 1 | References 5
RedHat Linux (added 2025/05/13 1:59 p.m.)

php: Reference counting in php_request_shutdown causes Use-After-Free

A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the __set magic method or the null coalescing assignment ??= operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...

CVSS 9.2 | AI score 6.4 | EPSS 0.00569 | Exploits 1 | References 5
RedhatCVE (added 2025/03/22 11:32 a.m.)

CVE-2024-4990

In yiisoft/yii2 version 2.0.48, the base Component class contains a vulnerability where the __set magic method does not validate that the value passed is a valid Behavior class name or configuration. This allows an attacker to instantiate arbitrary classes, passing parameters to their constructors...

CVSS 9.1 | AI score 7 | EPSS 0.002 | Exploits 1 | References 1
NVD (added 2025/03/20 10:15 a.m.)

CVE-2024-4990

In yiisoft/yii2 version 2.0.48, the base Component class contains a vulnerability where the __set magic method does not validate that the value passed is a valid Behavior class name or configuration. This allows an attacker to instantiate arbitrary classes, passing parameters to their constructors...

CVSS 9.1 | EPSS 0.002 | Exploits 1 | References 1
OSV (added 2024/04/04 11:0 p.m.)

CVE-2024-31211 Remote Code Execution in `WP_HTML_Token`

WordPress is an open publishing platform for the Web. Unserialization of instances of the WP_HTML_Token class allows for code execution via its __destruct magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to 6.4.0 are not affected...

CVSS 5.5 | AI score 5.7 | EPSS 0.39711 | Exploits 1 | References 3
SUSE CVE (added 2023/02/15 4:58 a.m.)

SUSE CVE-2016-7124

ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call...

CVSS 9.8 | AI score 7.7 | EPSS 0.74663 | Exploits 2 | References 10
NVD (added 2021/09/24 3:15 p.m.)

CVE-2021-40102

An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir (PHP Object Injection associated with the __wakeup magic method)...

CVSS 9.1 | EPSS 0.00681 | Exploits 0 | References 2
CVE (added 2021/09/24 2:55 p.m.)

CVE-2021-40102

Concrete CMS up to 8.5.5 is affected by CVE-2021-40102 via PHAR deserialization in is_dir, enabling arbitrary file deletion. Root cause: PHP Object Injection through __wakeup in PHAR context. Exploitation chain observed includes uploading a PHAR payload and triggering deserialization via phar:// ...

CVSS 9.1 | AI score 9.4 | EPSS 0.00681 | Exploits 0 | References 2 | Affected Software 1
OpenVAS (added 2021/04/13 12:0 a.m.)

WordPress Facebook for WordPress Plugin < 3.0.0 PHP Object Injection Vulnerability

The WordPress plugin Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can redistribute it and/or modify it...

CVSS 8.1 | AI score 8.2 | EPSS 0.06505 | Exploits 2 | References 2
Prion (added 2020/06/20 1:15 p.m.)

Design/Logic Flaw

compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request. NOTE: the vendor disputes this because these two conditions for PHP object injection are not satisfied: existence of a PHP magic method such as __wakeup or __destruct, and any...

CVSS 6.5 | AI score 8.9 | EPSS 0.00657 | Exploits 0 | References 1 | Affected Software 1
Veracode (added 2019/08/27 5:54 a.m.)

Remote Code Execution

spoon/library is vulnerable to remote code execution. Lack of validation of the cookie allows a remote attacker to submit a cookie containing malicious executable objects that will execute upon deserialization in the __wakeup magic method in spoon/cookie/cookie.php...

CVSS 9.8 | AI score 5 | EPSS 0.00678 | Exploits 0 | References 3 | Affected Software 1
Hacker One (added 2018/09/27 12:5 a.m.)

h1-5411-CTF: H1-5411 CTF Write-up by erbbysam and ziot

@erbbysam and I recently set out to beat the latest CTF challenge hosted by HackerOne. Here is a write-up with the process we took from start to finish. The h1-5411 CTF begins with a tweet from HackerOne: https://twitter.com/Hacker0x01/status/1044974142150373378 F351665 This leads to a website...

AI score 8.3 | Exploits 0
Debian CVE (added 2016/09/12 1:0 a.m.)

CVE-2016-7124

Removed by vendor...

CVSS 9.8 | AI score 8.7 | EPSS 0.74663 | Exploits 2
OSV (added 2016/09/11 12:0 a.m.)

UBUNTU-CVE-2016-7124

ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call...

CVSS 9.8 | AI score 7.2 | EPSS 0.74663 | Exploits 2 | References 6