CVE-2024-40624

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to...

CVE-2024-40624 Deserialization of untrusted data in torrentpier/torrentpier

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to...

CVE-2024-40624 Deserialization of untrusted data in torrentpier/torrentpier

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to...

CVE-2024-40624 Deserialization of untrusted data in torrentpier/torrentpier

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to...

TorrentPier Deserialization of Untrusted Data vulnerability

Summary In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies: https://github.com/torrentpier/torrentpier/blob/84f6c9f4a081d9ffff4c233098758280304bf50f/library/includes/functions.phpL41-L60 PoC One can use...

GHSA-FG86-4C2R-7WXW TorrentPier Deserialization of Untrusted Data vulnerability

Summary In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies: https://github.com/torrentpier/torrentpier/blob/84f6c9f4a081d9ffff4c233098758280304bf50f/library/includes/functions.phpL41-L60 PoC One can use...

GHSA-PV9J-C53Q-H433 Gadget chain in Symfony 1 due to uncontrolled unserialized input in sfNamespacedParameterHolder

Summary Symfony 1 has a gadget chain due to dangerous unserialize in sfNamespacedParameterHolder class that would enable an attacker to get remote code execution if a developer unserialize user input in his project. Details This vulnerability present no direct threat but is a vector that will...

Deserialization Gadget chain in Symfony sfNamespacedParameterHolder

Summary Symfony 1 has a gadget chain due to dangerous unserialize in sfNamespacedParameterHolder class that would enable an attacker to get remote code execution if a developer unserialize user input in his project. Details This vulnerability present no direct threat but is a vector that will...

Slider Revolution < 6.6.19 - Author+ Insecure Deserialization leading to RCE

Description The plugin does not prevent users with at least the Author role from unserializing arbitrary content when importing sliders, potentially leading to Remote Code Execution. 1. Make sure to configure the plugin so Authors can access its settings 2. Create a new slider. 3. Save and export...

WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability

WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable sites. "A remote code execution vulnerability that is not directly exploitable in core; however, the...

Deserialization of arbitrary data leads to RCE

Description LibreNMS includes support for monitoring applications, one of which is memcached. When polling for memcached, the data returned by the agent to the LibreNMS server is not verified before it is deserialized. Because LibreNMS has quite a few dependencies, it is easy to find a working...

Laravel Framework RCE Vulnerability

In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in...

Deserialization of untrusted data

SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users with access to the Scheduled Reports module can achieve this by leveraging PHP deserialization in the emailrecipients property. By using a crafted request, they can create a malicious report, containin...

Exploit for CVE-2021-3129

LaravelCVE-2021-3129EXP Reference exp: https://github.com/...

Drupal vulnerability a combination of Boxing: by a malicious picture of a key RCE-vulnerability warning-the black bar safety net

One, Foreword Recent Drupal released two critical patches, support 7. x and 8. the x version. In this security update fixes some bugs, these bugs have been submitted to our targeted vulnerability incentive program TIPS. Exploitation of these vulnerabilities it is possible to achieve code executio...

Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution Vulnerability

Exploit for php platform in category web applications Drupal FALSE; instead of the standard unserialize$values'options';. As for all FieldItemBase subclasses, LinkItem references a property type. Shortcut uses this property type, for a property named link. Triggering the unserialize Having all...

Drupal 8.6.10 8.5.11 - REST Module Remote Code Execution

Drupal 8.6.10 8.5.11 - REST Module Remote Code Execution Analyzing the patch By diffing Drupal 8.6.9 and 8.6.10, we can see that in the REST module, FieldItemNormalizer now uses a new trait, SerializedColumnNormalizerTrait. This trait provides the checkForSerializedStrings method, which in short...

Drupal &lt; 8.6.10 / &lt; 8.5.11 - REST Module Remote Code Execution

Analyzing the patch By diffing Drupal 8.6.9 and 8.6.10, we can see that in the REST module, FieldItemNormalizer now uses a new trait, SerializedColumnNormalizerTrait. This trait provides the checkForSerializedStrings method, which in short raises an exception if a string is provided for a value...

Remote code execution

In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in...

CVE-2018-15133

In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in...