2 matches found
CVE-2026-25524
OpenMage LTS (Magento LTS unofficial fork) before v20.17.0 is affected by a Phar deserialization flaw. PHP functions getimagesize(), file_exists(), and is_readable() can deserialize when given phar:// stream wrapper paths, used during image validation/media handling with controllable file paths. ...
PHAR deserialization allowing remote code execution
Description snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitra...