Fork ForkCMS 安全漏洞

ForkCMS is an open source content management system CMS written in PHP. A PHP object injection vulnerability exists in the back-end Ajax endpoint of ForkCMS versions prior to 5.8.3. A remote authenticated attacker can exploit this vulnerability to execute malicious code...

PT-2021-11086 · Qcubed · Qcubed

Name of the Vulnerable Software and Affected Versions: qcubed versions 3.1.1 and earlier Description: A PHP object injection bug in profile.php unserializes the untrusted data of the strProfileData POST-variable, allowing an unauthenticated attacker to execute code via a crafted POST request...

Design/Logic Flaw

In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APPKEY ...

CVE-2021-25294

OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an destruct magic metho...

CVE-2021-25294

OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an destruct magic metho...

Remote code execution

OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an destruct magic metho...

CVE-2021-25294

OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an destruct magic metho...

Modal Survey < 2.0.1.8.2 - Authenticated PHP Object Injection

The Unserialize function is used multiple times in the code, for example when importing custom surveys. This could allow a malicious administrator to import a crafted JSON to trigger a PHP Object Injection vulnerability PoC "name":"Open Text Answer Sample", "id":"924478511", "options":"",...

Modal Survey < 2.0.1.8.2 - Authenticated PHP Object Injection

The Unserialize function is used multiple times in the code, for example when importing custom surveys. This could allow a malicious administrator to import a crafted JSON to trigger a PHP Object Injection vulnerability "name":"Open Text Answer Sample", "id":"924478511", "options":"", "global":"0...

WordPress Post Grid plugin PHP object injection vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. A PHP object injection vulnerability exists in the Post Grid plugin for WordPress versions prior to 2.0.73. The vulnerability stems from unsafe deserialization of certain data in parameters. An...

qdPM PHP Object Injection Vulnerability

qdPM is a free Web-based open source project management tool , written in symfony framework for small teams . qdPM 9.1 and earlier versions have PHP object injection vulnerabilities. An attacker can exploit this vulnerability by using timeReportActions::executeExport in...

CVE-2020-35938

PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be...

CVE-2020-35939

PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action mus...

CVE-2020-26165

qdPM through 9.1 allows PHP Object Injection via timeReportActions::executeExport in core/apps/qdPM/modules/timeReport/actions/actions.class.php because unserialize is used...

CVE-2020-26165

qdPM through 9.1 allows PHP Object Injection via timeReportActions::executeExport in core/apps/qdPM/modules/timeReport/actions/actions.class.php because unserialize is used...

Design/Logic Flaw

qdPM through 9.1 allows PHP Object Injection via timeReportActions::executeExport in core/apps/qdPM/modules/timeReport/actions/actions.class.php because unserialize is used...

CVE-2020-26165

qdPM through 9.1 allows PHP Object Injection via timeReportActions::executeExport in core/apps/qdPM/modules/timeReport/actions/actions.class.php because unserialize is used...

CVE-2020-26165

CVE-2020-26165 affects qdPM through v9.1, where PHP object injection is possible via timeReportActions::executeExport due to using unserialize on user-supplied input. This vulnerability stems from unserialize on the export parameter, enabling injection attacks that can lead to code execution or o...

qdPM 9.1 PHP Object Injection

-------------------------------------------------------------- qdPM getParameter'format'; 299. $filename = $request-getParameter'filename'; 300. 301. $export = unserialize$request-getParameter'export'; User input passed through the "export" request parameter is not properly sanitized before being...

qdPM 代码注入漏洞

qdPM is a free Web-based open source project management tool , written in symfony framework for small teams . qdPM 9.1 and earlier versions have PHP object injection vulnerabilities. An attacker can exploit this vulnerability by using timeReportActions::executeExport in...