3680 matches found
CVE-2021-24384
CVE-2021-24384 affects the JoomSport WordPress plugin prior to 5.1.8. The vulnerability is a PHP object injection in the joomsport_md_load AJAX action, which unserialises input from the shattr POST parameter. It is accessible to unauthenticated users, and while the plugin itself lacks a gadget ch...
CVE-2021-24384 JoomSport < 5.1.8 - Unauthenticated PHP Object Injection
The joomsport_md_load AJAX action of the JoomSport WordPress plugin before 5.1.8, registered for both unauthenticated and authenticated users, unserialised user input from the shattr POST parameter, leading to a PHP Object Injection issue. Even though the plugin does not have a suitable gadget...
WordPress Plugin Code Issue Vulnerability
WordPress Plugin is an open source application plugin for WordPress. A code issue vulnerability exists in JoomSport for WordPress prior to 5.1.8: the joomsport_md_load AJAX action, registered for both unauthenticated and authenticated users, unserialises user input from the shattr POST parameter,...
JoomSport < 5.1.8 - Unauthenticated PHP Object Injection
The joomsport_md_load AJAX action of the plugin, registered for both unauthenticated and authenticated users, unserialised user input from the shattr POST parameter, leading to a PHP Object Injection issue. Even though the plugin does not have a suitable gadget chain to exploit this, other...
WordPress CM Registration Pro premium plugin <= 3.2.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by WPScan Team in WordPress CM Registration Pro premium plugin versions <= 3.2.0. Solution: Update the WordPress CM Registration Pro premium plugin to the latest available version (at least 3.2.1)...
CM Registration Pro < 3.2.1 - PHP Object Injection
The plugin was using an outdated library which was affected by a PHP Object Injection issue. The free version is not affected, as it was not using the library even though it was shipped with it...
WordPress Redirection for Contact Form 7 Plugin PHP Object Injection Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A PHP object injection vulnerability exists in the WordPress Redirection for Contact Form 7 Plugin...
Design/Logic Flaw
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the importfromdebug AJAX action to inject PHP objects...
CVE-2021-24280 Redirection for Contact Form 7 < 2.3.4 - Authenticated PHP Object Injection
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the importfromdebug AJAX action to inject PHP objects...
WordPress UltimateWoo plugin <= 0.1.10 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by WPScan Team in WordPress UltimateWoo plugin versions <= 0.1.10. Solution: This plugin has been closed and is no longer available for download...
UltimateWoo <= 0.1.10 - PHP Object Injection
The plugin is using an outdated library which is affected by a PHP Object Injection issue...
Redirection for Contact Form 7 < 2.3.4 - Authenticated PHP Object Injection
In the plugin, any authenticated user, such as a subscriber, could use the importfromdebug AJAX action to inject PHP objects. PoC: ... => $wp_user, 'pwd' => $wp_pass, 'rememberme' => 'forever', 'wp-submit' => 'Log+In', ...)); $output = curl_exec($ch); curl_close($ch); // OBJI $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, ...
Facebook for WordPress < 3.0.0 - PHP Object Injection with POP Chain
The run_action function of the plugin deserializes user-supplied data, making it possible to supply PHP objects and creating an Object Injection vulnerability. There was also a usable magic method in the plugin that could be chained to achieve remote code execution. PoC Step 1: Use the nonce...
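The entries above describe the same pattern twice: an AJAX handler that calls unserialize() on a POST parameter (JoomSport's shattr, reachable by unauthenticated users), and a class with a magic method that turns the injected object into code execution (the Facebook for WordPress POP chain). The advisory's caveat also matters: a plugin with no gadget of its own is still exploitable if any other loaded plugin or theme supplies one. The stand-alone script below is an added example, not code from either plugin or from WPScan; the `LogFlusher` class, the `md_load_*` handlers, `build_payload` and the temp-file path are hypothetical, and only the `shattr` parameter name and the unserialize() sink come from the advisories. It assumes PHP 8. In a real WordPress plugin the vulnerable handler would be attached with `add_action('wp_ajax_nopriv_...')`, which is what makes it reachable without a login.

```php
<?php
// Added example, not code from JoomSport, Facebook for WordPress or WPScan.
// Only the `shattr` parameter name and the unserialize() sink come from the
// advisories; LogFlusher, md_load_* and the file paths are hypothetical.
declare(strict_types=1);

// Stand-in gadget: any loaded class whose magic method acts on properties the
// attacker controls. __destruct() fires when the object is released, so the
// mere act of unserialising the payload runs it; no further call is needed.
final class LogFlusher
{
    public string $path = '/tmp/app.log';
    public string $data = '';

    public function __destruct()
    {
        // Attacker-chosen $path and $data make this an arbitrary file write.
        file_put_contents($this->path, $this->data);
    }
}

// Vulnerable handler, the shape the advisories describe: raw unserialize()
// of a POST parameter reachable by unauthenticated users.
function md_load_vulnerable(array $post): mixed
{
    return unserialize($post['shattr'] ?? '');
}

// Hardened handler 1: keep the serialised format but refuse to instantiate
// classes. Objects decode to __PHP_Incomplete_Class, on which no magic method
// (__wakeup, __destruct, __toString, ...) is ever invoked.
function md_load_hardened(array $post): ?array
{
    $value = unserialize($post['shattr'] ?? '', ['allowed_classes' => false]);
    return is_array($value) ? $value : null;   // only plain structures are accepted
}

// Hardened handler 2: stop using PHP serialisation for client input at all.
function md_load_json(array $post): ?array
{
    $value = json_decode($post['shattr'] ?? '', true, 16, JSON_THROW_ON_ERROR);
    return is_array($value) ? $value : null;
}

// Hand-built payload in PHP's serialisation format, as an attacker would craft
// it without ever instantiating the class locally.
function build_payload(string $class, string $path, string $data): string
{
    return sprintf(
        'O:%d:"%s":2:{s:4:"path";s:%d:"%s";s:4:"data";s:%d:"%s";}',
        strlen($class), $class, strlen($path), $path, strlen($data), $data
    );
}

// --- Demonstration (constructed input) -------------------------------------
$target = sys_get_temp_dir() . '/poi-demo.txt';
@unlink($target);
$post = ['shattr' => build_payload(LogFlusher::class, $target, "written by the gadget\n")];

// Vulnerable path: the object is created; releasing it triggers __destruct.
$obj = md_load_vulnerable($post);
printf("vulnerable: got %s\n", get_debug_type($obj));
unset($obj);
printf("vulnerable: file written = %s\n", var_export(file_exists($target), true));
@unlink($target);

// Hardened path: same payload, no class instantiated, nothing written.
$safe = md_load_hardened($post);
printf("hardened:   got %s\n", get_debug_type($safe));
printf("hardened:   file written = %s\n", var_export(file_exists($target), true));

// JSON path: the serialised string is not JSON and is rejected outright.
try {
    md_load_json($post);
} catch (JsonException $e) {
    printf("json:       rejected (%s)\n", $e->getMessage());
}
```

Run it with `php poi-demo.php`. The vulnerable handler instantiates `LogFlusher` and the temp file appears as soon as the reference is dropped; the hardened handler receives the identical payload and nothing is written, because `allowed_classes => false` turns every object into `__PHP_Incomplete_Class`. The `allowed_classes` option only blocks the gadget that lives in a class; it does not make unserialize() safe against the deserialisation-time bugs PHP itself has had, so the JSON route is the one to prefer for new code.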
Web vulnerabilities exploit weekly digest #1. March 8-15th 2021. VMware vCenter and Apache OFBiz RCE.
Welcome to the Wallarm weekly web exploits digest! Starting this week, we will publish weekly digests of web exploits with CVSS scores higher than 5, each followed by explanations, risk analysis, related stories and news. So, here we go! The most sophisticated and interesting...
QCubed 3.1.1 PHP Object Injection
QCubed PHP Object Injection. Identifier: AIT-SA-20210215-01; Target: QCubed Framework; Vendor: QCubed; Version: all versions including 3.1.1; CVE: CVE-2020-24914; Accessibility: Remote; Severity: Critical; Author: Wolfgang Hotwagne...
GLPI 9.5.3 Unsafe Reflection
Exploit Title: GLPI 9.5.3 - 'fromtype' Unsafe Reflection. Date: 2021-02-13. Exploit Author: Vadym Soroka @Iterasec https://iterasec.com. Vendor Homepage: https://glpi-project.org. Software Link: https://github.com/glpi-project/glpi/releases. Version: <= 9.5.3. Tested on: v9.5.3, 2021-02-13. Technical...
ForkCMS PHP Object Injection Vulnerability
ForkCMS is an open source content management system CMS written in PHP. A PHP object injection vulnerability exists in the back-end Ajax endpoint of ForkCMS versions prior to 5.8.3. A remote authenticated attacker can exploit this vulnerability to execute malicious code...
CVE-2020-24914
A PHP object injection bug in profile.php in qcubed all versions including 3.1.1 unserializes the untrusted data of the POST-variable "strProfileData" and allows an unauthenticated attacker to execute code via a crafted POST request...
CVE-2020-24036
PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code...