
3585 matches found

FreeBSD
added 2018/12/13 12:0 a.m., 22 views

wordpress -- multiple issues

wordpress developers reports: WordPress versions 5.0 and earlier are affected by the following bugs, which are fixed in version 5.0.1. Updated versions of WordPress 4.9 and older releases are also available, for users who have not yet updated to 5.0. Karim El Ouerghemmi discovered that authors...

1.7 AI score
Exploits 0, References 1
Debian
added 2018/12/07 2:51 p.m., 50 views

[SECURITY] [DSA 4351-1] libphp-phpmailer security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4351-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 07, 2018 https://www.debian.org/security/faq -...

8.8 CVSS, 9.2 AI score, 0.01475 EPSS
Exploits 0
OpenVAS
added 2018/12/06 12:0 a.m., 50 views

Debian: Security Advisory (DSA-4351-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS, 8.8 AI score, 0.01475 EPSS
Exploits 0, References 4
WPVulnDB
added 2018/11/23 12:0 a.m., 16 views

Patreon Connect < 1.2.2 - PHP Object Injection

The Patreon WordPress plugin was affected by a PHP Object Injection security vulnerability...

7.5 CVSS, 1.9 AI score, 0.00795 EPSS
Exploits 0, Affected Software 1
WPVulnDB
added 2018/11/11 12:0 a.m., 7 views

Simple Link Directory < 5.6.0 - Authenticated PHP Object Injection

Due to the OptionTree library...

2.1 AI score
Exploits 0, References 1, Affected Software 1
Tenable Nessus
added 2018/11/05 12:0 a.m., 46 views

Drupal 8.x < 8.3.4 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists in the PECL YAML parser due to unsafe handling of PHP objects during certain operations. An unauthenticated, remote attacker can exploit this to execute arbitra...

9.8 CVSS, 7.5 AI score, 0.66148 EPSS
Exploits 7, References 5
ThreatPost
added 2018/10/24 8:17 p.m., 543 views

Magecart Cybergang Targets 0days in Third-Party Magento Extensions

Criminals behind the Magecart gang have shifted tactics, and are now targeting nearly two dozen unpatched vulnerabilities found in third-party plugins used in the Magento e-commerce platform. Previously, the Magecart cybergang had focused on the core of Magento, using attack strategies such as...

Exploits 0, References 6
ripstech
added 2018/10/09 11:27 a.m., 16 views

What is PHP Object Injection

PHP Serialization Recap: PHP provides a mechanism for storing and loading data with PHP types across multiple HTTP requests. This mechanism boils down to two functions: serialize and unserialize. This may sound complicated, but let's look at the following easy example: A PHP object being serialized ...

7.1 AI score
Exploits 0
Hacker One
added 2018/09/28 2:52 p.m., 76 views

h1-5411-CTF: Remote Command Execution in a internal server to get the flag file

Summary: After source code disclosure using a LFI vulnerability and using PHP object injection with XXE I was able to find an internal service at port 1337. Using the SSRF through XXE I sent a HTTP request to this internal service and discovered a python object injection using status parameter,...

0.6 AI score
Exploits 0
Hacker One
added 2018/09/28 1:4 a.m., 35 views

h1-5411-CTF: RCE via Local File Read -> php unserialization-> XXE -> unpickling

Summary: It was possible to escalate to Remote Code Execution via different bugs such as local file read, php object injection, XML External Entity and Un-Pickling of Python serialized object. Description: Using local file read it was discovered that the php code was vulnerable to php object...

0.8 AI score
Exploits 0
Prion
added 2018/08/20 7:31 p.m., 11 views

Design/Logic Flaw

YesWiki version = cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information...

7.5 CVSS, 9.5 AI score, 0.00777 EPSS
Exploits 0, References 2, Affected Software 1
CVE
added 2018/08/20 7:0 p.m., 34 views

CVE-2018-1000641

YesWiki contains a PHP Object Injection vulnerability in i18n.inc.php due to unserialising a user-supplied parameter. Affected versions are YesWiki

9.8 CVSS, 9.4 AI score, 0.00777 EPSS
Exploits 0, References 2, Affected Software 1
Prion
added 2018/07/19 5:29 p.m., 17 views

Design/Logic Flaw

The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x before 6.3.8-s1 allows remote attackers to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org...

7.5 CVSS, 7.6 AI score, 0.01923 EPSS
Exploits 2, References 5, Affected Software 1
NVD
added 2018/07/19 5:29 p.m., 13 views

CVE-2014-2302

The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x before 6.3.8-s1 allows remote attackers to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org...

9.8 CVSS, 9.6 AI score, 0.01923 EPSS
Exploits 2, References 5
CVE
added 2018/07/19 5:0 p.m., 42 views

CVE-2014-2302

The CVE-2014-2302 entry is substantiated by multiple connected documents: webEdition CMS installer/online installer vulnerability leading to remote command execution via PHP object injection when the installer communicates with update.webedition.org. Affected versions include webEdition CMS befor...

9.8 CVSS, 9.4 AI score, 0.01923 EPSS
Exploits 2, References 5, Affected Software 1
Friends Of PHP
added 2018/07/16 5:29 p.m., 7 views

SS-2018-017: Possible PHP Object Injection via Multi-Value Field Extension

More info at https://www.silverstripe.org/download/security-releases/ss-2018-017/...

7.2 AI score
Exploits 0, Affected Software 1
NVD
added 2018/06/26 4:29 p.m., 9 views

CVE-2018-1000525

openpsa contains a PHP Object Injection vulnerability in form data passed as GET request variables that can result in possible information disclosure and remote code execution. This attack appears to be exploitable via a specially crafted GET request variable containing a serialised PHP object. This...

9.8 CVSS, 9.7 AI score, 0.03998 EPSS
Exploits 1, References 2
OSV
added 2018/06/26 4:29 p.m., 2 views

CVE-2018-1000525

openpsa contains a PHP Object Injection vulnerability in form data passed as GET request variables that can result in possible information disclosure and remote code execution. This attack appears to be exploitable via a specially crafted GET request variable containing a serialised PHP object. This...

9.8 CVSS, 6 AI score, 0.03998 EPSS
Exploits 1, References 2
NVD
added 2018/06/26 4:29 p.m., 11 views

CVE-2018-1000527

Froxlor version = 0.9.39.5 contains a PHP Object Injection vulnerability in Domain name form that can result in possible information disclosure and remote code execution. This attack appears to be exploitable via passing malicious PHP objection in $POST'sslipandport'. This vulnerability appears to...

7.2 CVSS, 7.6 AI score, 0.02568 EPSS
Exploits 0, References 2
Prion
added 2018/06/26 4:29 p.m., 11 views

Information disclosure

Froxlor version = 0.9.39.5 contains a PHP Object Injection vulnerability in Domain name form that can result in possible information disclosure and remote code execution. This attack appears to be exploitable via passing malicious PHP objection in $POST'sslipandport'. This vulnerability appears to...

6.5 CVSS, 7.5 AI score, 0.02568 EPSS
Exploits 0, References 2, Affected Software 1