Lucene search

6 matches found

Snyk
added 2026/05/01 5:32 p.m. · 2 views

Deserialization of Untrusted Data

Overview: Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the RedisHandler process. An attacker can execute arbitrary code by supplying crafted serialized data to the session or cache handlers, which is then processed using unserialize. Details: Serializatio...

9.8 CVSS · 6.1 AI score · 0.00055 EPSS
Exploits 0 · References 2
CNNVD
added 2026/05/01 12:0 a.m. · 5 views

Mix PHP Code Issue Vulnerability

Mix PHP is an open source PHP command-line mode development framework that supports seamless multi-server ecosystem switching. A code issue vulnerability exists in Mix PHP versions 2.x through 2.2.17 that stems from a session and cache handler call to unserialize on Redis data in the...

9.8 CVSS · 5.9 AI score · 0.00055 EPSS
Exploits 0 · References 1
Positive Technologies
added 2026/05/01 12:0 a.m. · 3 views

PT-2026-36489

Name of the Vulnerable Software and Affected Versions: MixPHP Framework versions 2.x through 2.2.17 Description: An unsafe deserialization issue exists where the session and cache handlers utilize the unserialize function on data retrieved from Redis within the RedisHandler object. Recommendations: ...

9.8 CVSS · 5.8 AI score · 0.00055 EPSS
Exploits 0 · References 8
Cvelist
added 2026/05/01 12:0 a.m. · 21 views

CVE-2026-42472

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from Redis in the RedisHandler object...

0.00055 EPSS
Exploits 0 · References 3
CNNVD
added 2022/12/22 12:0 a.m. · 2 views

CodeIgniter Authorization Issue Vulnerability

CodeIgniter is an open source web framework written in PHP. An authorization issue vulnerability exists in CodeIgniter versions prior to 4.2.11, which stems from an attacker obtaining a session cookie when the application uses multiple session cookies, and the session handler is set to...

9.8 CVSS · 8.2 AI score · 0.00311 EPSS
Exploits 0 · References 3
Positive Technologies
added 2022/12/22 12:0 a.m. · 1 views

PT-2022-27784 · Unknown · Codeigniter

Name of the Vulnerable Software and Affected Versions: CodeIgniter versions prior to 4.2.11 Description: The issue arises when an application uses multiple session cookies and a session handler is set to DatabaseHandler, MemcachedHandler, or RedisHandler. If an attacker obtains one session cookie...

9.8 CVSS · 9.2 AI score · 0.00311 EPSS
Exploits 0 · References 10