8 matches found
CVE-2026-57588
CVE-2026-57588 is a SQL injection vulnerability in Nessus. A crafted malicious scan result file, when imported by a privileged user, injects SQL into the scan results database, potentially exfiltrating scan data. The vulnerability affects Nessus in scenarios where a scan-result file is imported b...
PT-2026-5274
BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler SEH chain through malicious file import. Attackers can craft a specially designed payload file to overwrite SEH addresses, potentially executing arbitrary code and gaining...
EUVD-2024-3067
Malicious code in bioql PyPI...
EUVD-2021-9896
Malicious code in bioql PyPI...
CVE-2022-3380
The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an imported file, which could lead to PHP object injection issues when an admin imports intentionally or not a malicious file and a suitable gadget chain is present on the blog...
PT-2022-21789 · WordPress · Phlox
Name of the Vulnerable Software and Affected Versions: Shortcodes and extra features for Phlox theme WordPress plugin versions prior to 2.10.7 Description: The issue arises from the unserialize of the content of an imported file, which could lead to PHP object injection when a user imports a...
CVE-2022-3357
The Smart Slider 3 WordPress plugin before 3.5.1.11 unserialises the content of an imported file, which could lead to PHP object injection issues when a user import intentionally or not a malicious file, and a suitable gadget chain is present on the site...
GitLab 资源管理错误漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab EE/CE. An attacker exploited the...