36 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-31048
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message. CVE-2026-31048 Note that...
CVE-2026-31048
An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...
CVE-2026-31048
An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...
CVE-2026-31048
An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...
UBUNTU-CVE-2026-31048
An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...
coopihc-modelchecks (=0.1.0), iperturb (=0.2.0) potentially affected by CVE-2026-31048 via pyro (=3.16.0)
pyro PYPI version =3.16.0 is affected by a known vulnerability. The following packages have a transitive dependency on pyro and may be impacted: - coopihc-modelchecks =0.1.0 - iperturb =0.2.0 Source cves: CVE-2026-31048 Source advisory: SNYK:PYTHON-PYRO-16428622...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the pickle process. An attacker can execute arbitrary code by sending a specially crafted pickled string message. Remediation There is no fixed version for Pyro. References - GitHub Advisory - Vulnerable Cod...
CVE-2026-31048
An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...
CVE-2026-31048
The CVE-2026-31048 issue affects Pyro v3.x, specifically its pickle protocol, where a crafted pickled string message can lead to arbitrary code execution. Multiple connected sources (NVD, Red Hat, Ubuntu, Nessus plugin, etc.) confirm the vulnerability and name Pyro v3.x as the affected component,...
CVE-2026-31048
An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...
EUVD-2026-22059
An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...
CVE-2026-31048
An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...
PT-2026-32504
CVE-2026-31048 An issue in the codepickle/code protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message. https://t.co/9RAOHY9pwL...
EUVD-2024-55334
PyroCMS v3.0.1 contains a stored cross-site scripting vulnerability in the admin redirects configuration that allows attackers to inject malicious scripts. Attackers can insert a payload in the 'Redirect From' field to execute arbitrary JavaScript when administrators view the redirects page...
PyroCMS 跨站脚本漏洞
PyroCMS is a lightweight open source content management system developed using the CodeIgniter framework by PyroCMS, Inc. A cross-site scripting vulnerability exists in PyroCMS version v3.0.1, which stems from the presence of stored cross-site scripting in the administrator's redirection...
Pyro CMS 3.9 Server-Side Template Injection
Exploit Title: Pyro CMS 3.9 - Server-Side Template Injection SSTI Authenticated Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Date: 03/08/2023 Vendor: https://pyrocms.com/ Software Link: https://pyrocms.com/documentation/pyrocms/3.9/getting-started/installation Vulnerable...
Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated) Exploit
Exploit Title: Pyro CMS 3.9 - Server-Side Template Injection SSTI Authenticated Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Vendor: https://pyrocms.com/ Software Link: https://pyrocms.com/documentation/pyrocms/3.9/getting-started/installation Vulnerable Versions: 3.9 CVE:...
Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated)
Exploit Title: Pyro CMS 3.9 - Server-Side Template Injection SSTI Authenticated Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Date: 03/08/2023 Vendor: https://pyrocms.com/ Software Link: https://pyrocms.com/documentation/pyrocms/3.9/getting-started/installation Vulnerable...
PyroCMS 跨站脚本漏洞
PyroCMS is a lightweight open source content management system developed by an individual developer using the CodeIgniter framework. A cross-site scripting vulnerability exists in PyroCMS v3.9, which stems from being found to contain multiple cross-site scripting XSS vulnerabilities...
PyroCMS Cross-Site Request Forgery Vulnerability
PyroCMS is an easy-to-use, powerful and modular CMS and development platform built using Laravel 5. A cross-site request forgery vulnerability exists in PyroCMS 3.7. An attacker can exploit this vulnerability to remove arbitrary plugins via the admin/addons/uninstall/anomaly.module.blocks URI...