3582 matches found
Tuleap PHP Unserialize Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Tuleap PHP Unserialize Code Execution', 'Description' = %q This module exploits a PHP object injection vulnerability in Tuleap...
Tuleap PHP Unserialize Code Execution
This module exploits a PHP object injection vulnerability in Tuleap 'Tuleap PHP Unserialize Code Execution', 'Description' = %q This module exploits a PHP object injection vulnerability in Tuleap <= 7.6-4 which could be abused to allow authenticated users to execute arbitrary code with the...
CVE-2014-8791
project/register.php in Tuleap before 7.7, when sys_create_project_in_one_step is disabled, allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via the data parameter...
Design/Logic Flaw
project/register.php in Tuleap before 7.7, when sys_create_project_in_one_step is disabled, allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via the data parameter...
CVE-2014-8791
CVE-2014-8791 affects Tuleap up to version 7.6-4. The vulnerability resides in the /src/www/project/register.php path where the data parameter is unserialized, allowing PHP object injection and potential arbitrary code execution when sys_create_project_in_one_step is disabled. The issue requires ...
Open Web Analytics 1.5.6 PHP Object Injection Vulnerability
Exploit for php platform in category web applications Open Web Analytics setSetting'base', 'isremoteeventqueue', true; $owa-e-debug$POST; $rawevent = owacoreAPI::getRequestParam'event'; if $rawevent $dispatch = owacoreAPI::getEventDispatch; $event = unserialize base64decode $rawevent ;...
Tuleap 7.6-4 PHP Object Injection
----------------------------------------------------------------- Tuleap route$request; 35. exit; 36. 37. 38. $currentstep = $request-exist'currentstep' ? $request-get'currentstep' : 0; 39. $data = $request-exist'data' ? unserialize$request-get'data' : array; User input passed through the "data"...
CVE-2014-8081
lib/execute/execSetResults.php in TestLink before 1.9.13 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the filter_result_result parameter...
Design/Logic Flaw
lib/execute/execSetResults.php in TestLink before 1.9.13 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the filter_result_result parameter...
CVE-2014-8081
CVE-2014-8081 affects TestLink up to version 1.9.12 (and earlier) where lib/execute/execSetResults.php processes the filter_result_result parameter unsafely, allowing PHP object injection and arbitrary code execution. The vulnerability stems from unserialize on user input, enabling crafted serial...
TestLink 1.9.12 Multiple Vulnerabilities
TestLink versions 1.9.12 and below suffer from a path disclosure weakness and below suffer from a PHP object injection vulnerability in execSetResults.php ---------------------------------------------------------------- TestLink "; debugprintbacktrace; echo ""; 211. 212. else 213. 214. echo "";...
CMS Made Simple 1.11.9 - Multiple Vulnerabilities
Vulnerabilities in CMS Made Simple, version 1.11.9 Discovered by Pedro Ribeiro [email protected] of Agile Information Security Reported to [email protected] and [email protected] Disclosure: 28/02/2014 / Last updated: 12/10/2014 CMS Made Simple, an open source content management...
Pimcore CMS 1.4.9 <2.1.0 - Multiple Vulnerabilities
Vulnerabilities in Pimcore 1.4.9 to 2.1.0 inclusive Discovered by Pedro Ribeiro [email protected] of Agile Information Security ==================================================================== Disclosure: 14/04/2014 / Last updated: 12/10/2014 Vulnerability: Remote code execution in Pimcore CMS...
Pimcore CMS 1.4.9 2.1.0 - Multiple Vulnerabilities
Pimcore CMS 1.4.9 2.1.0 - Multiple Vulnerabilities Vulnerabilities in Pimcore 1.4.9 to 2.1.0 inclusive Discovered by Pedro Ribeiro [email protected] of Agile Information Security ==================================================================== Disclosure: 14/04/2014 / Last updated: 12/10/2014...
CMS Made Simple 1.11.9 - Multiple Vulnerabilities
CMS Made Simple 1.11.9 - Multiple Vulnerabilities Vulnerabilities in CMS Made Simple, version 1.11.9 Discovered by Pedro Ribeiro [email protected] of Agile Information Security Reported to [email protected] and [email protected] Disclosure: 28/02/2014 / Last updated: 12/10/2014 CMS...
CVE-2014-5297
The actionSendErrorReport method in protected/controllers/SiteController.php in X2Engine 2.8 through 4.1.7 allows remote attackers to conduct PHP object injection and Server-Side Request Forgery (SSRF) attacks via crafted serialized data in the report parameter...
Server side request forgery (ssrf)
The actionSendErrorReport method in protected/controllers/SiteController.php in X2Engine 2.8 through 4.1.7 allows remote attackers to conduct PHP object injection and Server-Side Request Forgery (SSRF) attacks via crafted serialized data in the report parameter...