CVE-2014-3942
The Color Picker Wizard component in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, and 6.1.0 before 6.1.9 allows remote authenticated editors to execute arbitrary PHP code via a serialized PHP object...
CVE-2013-1397
Symfony 2.0.x before 2.0.22, 2.1.x before 2.1.7, and 2.2.x allows remote attackers to execute arbitrary PHP code via a serialized PHP object to the (1) Yaml::parse or (2) Yaml\Parser::parse function, a different vulnerability than CVE-2013-1348...
webEdition CMS 2.8.0.0 Remote Command Execution
Advisory: Remote Command Execution in webEdition CMS Installer Script RedTeam Pentesting discovered a remote command execution vulnerability in the installer script of the webEdition CMS during a penetration test. If the installer script is not manually removed after installation, attackers canno...
CodeIgniter / Kohana PHP Object Injection / Timing Attack
CodeIgniter versions 2.1.4 and below and Kohana versions 3.2.3 and below and 3.3.2 and below suffer from PHP object injection, a timing attack, and a remote code execution vulnerability. Background info and boring history shit:...
Code injection
The setCookieValue function in lib/functions.global.inc.php in LiveZilla before 5.1.2.1 allows remote attackers to execute arbitrary PHP code via a serialized PHP object in a cookie...
CVE-2014-2922
The getObjectByToken function in Newsletter.php in the PimcoreToolNewsletter module in pimcore 1.4.9 through 2.1.0 does not properly handle an object obtained by unserializing a pathname, which allows remote attackers to conduct PHP object injection attacks and delete arbitrary files via vectors...
CVE-2014-2921
CVE-2014-2921 affects Pimcore’s Newsletter tool. The vulnerability in the getObjectByToken function (Newsletter.php) occurs in Pimcore versions 1.4.9–2.0.0 and stems from improper handling of an object obtained by unserializing Lucene search data, enabling PHP object injection and arbitrary code ...
CVE-2014-2921
The getObjectByToken function in Newsletter.php in the PimcoreToolNewsletter module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via...
CVE-2014-2922
CVE-2014-2922 affects Pimcore CMS, specifically the Pimcore_Tool_Newsletter Newsletter.php path. The issue occurs in Pimcore 1.4.9 through 2.1.0 where getObjectByToken mishandles an object obtained by unserializing a pathname, enabling PHP object injection via a serialized payload. Reported explo...
Egroupware 1.8.005 PHP Object Insertion
Vulnerabilities in EGroupware 1.8.005 Discovered by Pedro Ribeiro of Agile Information Security. Vulnerability: PHP object insertion leading to all kinds of badness: arbitrary file deletion, possible code executio...
PHP object injection vulnerability allows for arbitrary code execution
More info at https://contao.org/en/news/major-security-hole-found-in-contao.html...
Contao CMS 3.2.4 Code Execution Vulnerability
Contao CMS versions 3.2.4 and below suffer from a code execution vulnerability. Hi, I have discovered a vulnerability that might lead to code execution in Contao CMS. Vulnerabilities in Contao 3.2.4 Discovered by Pedro Ribeiro of Agile Information Security...
CVE-2013-5350
The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php in OpenPNE 3.6.13 before 3.6.13.1 and 3.8.9 before 3.8.9.1 does not properly validate login data in HTTP Cookie headers, which allows remote attackers to conduct PHP object...
CVE-2013-5350
OpenPNE contains a PHP Object Injection vulnerability in opSecurityUser.getRememberLoginCookie() that processes cookies with unserialize(base64_decode()) without proper input filtering. A remote unauthenticated attacker could craft a serialized object in a Cookie header to execute arbitrary PHP c...