3587 matches found
CVE-2021-36766
Concrete5 through 8.5.5 deserializes untrusted data. The vulnerable code is located in the controllers/singlepage/dashboard/system/environment/logging.php Logging::update_logging() method. User input passed through the logFile request parameter is not properly sanitized before being used in a ca...
CVE-2021-36766
Concrete5 (CMS) up to version 8.5.5 is affected by CVE-2021-36766 due to insecure handling of user input in Logging::update_logging(). The logFile parameter is not sanitized before passing to file_exists(), enabling PHP Object Injection via the phar:// stream wrapper and potentially arbitrary PHP...
CVE-2021-24384
The joomsport_md_load AJAX action of the JoomSport WordPress plugin before 5.1.8, registered for both unauthenticated and authenticated users, unserialises user input from the shattr POST parameter, leading to a PHP Object Injection issue. Even though the plugin does not have a suitable gadget...
CVE-2021-24384
CVE-2021-24384 affects the JoomSport WordPress plugin prior to 5.1.8. The vulnerability is a PHP object injection in the joomsport_md_load AJAX action, which unserialises input from the shattr POST parameter. It is accessible to unauthenticated users, and while the plugin itself lacks a gadget ch...
WordPress Plugin Code Issue Vulnerability
WordPress Plugin is an open source application plugin for WordPress. A code issue vulnerability exists in JoomSport for WordPress: versions prior to 5.1.8 register the joomsport_md_load AJAX action for both unauthenticated and authenticated users and unserialise user input from the shattr POST parameter,...
JoomSport < 5.1.8 - Unauthenticated PHP Object Injection
The joomsport_md_load AJAX action of the plugin, registered for both unauthenticated and authenticated users, unserialises user input from the shattr POST parameter, leading to a PHP Object Injection issue. Even though the plugin does not have a suitable gadget chain to exploit this, other...
CM Registration Pro < 3.2.1 - PHP Object Injection
The plugin was using an outdated library which was affected by a PHP Object Injection issue. The free version is not affected, as it was not using the library even though it was shipped with it...
WordPress CM Registration Pro premium plugin <= 3.2.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by WPScan Team in WordPress CM Registration Pro premium plugin versions <= 3.2.0. Solution: update the WordPress CM Registration Pro premium plugin to the latest available version (at least 3.2.1)...
WordPress Redirection for Contact Form 7 Plugin PHP Object Injection Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A PHP object injection vulnerability exists in the WordPress Redirection for Contact Form 7 plugin...
CVE-2021-24280 Redirection for Contact Form 7 < 2.3.4 - Authenticated PHP Object Injection
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the importfromdebug AJAX action to inject PHP objects...
UltimateWoo <= 0.1.10 - PHP Object Injection
The plugin is using an outdated library which is affected by a PHP Object Injection issue...
WordPress UltimateWoo plugin <= 0.1.10 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by WPScan Team in WordPress UltimateWoo plugin versions <= 0.1.10. Solution: this plugin has been closed and is no longer available for download...
Redirection for Contact Form 7 < 2.3.4 - Authenticated PHP Object Injection
In the plugin, any authenticated user, such as a subscriber, could use the importfromdebug AJAX action to inject PHP objects. PoC: ... $wpuser, 'pwd' => $wppass, 'rememberme' => 'forever', 'wp-submit' => 'Log+In', ...; $output = curl_exec($ch); curl_close($ch); // OBJI $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, ...