Lucene search
K

33 matches found

Hacker One
Hacker One
added 2020/02/18 11:7 a.m.66 views

Internet Bug Bounty: Null Pointer Dereference in PHP Session Upload Progress

Affected Versions ------------ Affected is all of PHP5.4/5.5/5.6 Affected is all of PHP7 Credits ------------ This vulnerability was disclosed by Taoguang Chen. Description ------------ session.c static int phpsessionrfc1867callbackunsigned int event, void eventdata, void extra / / ... switcheven...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/01/23 12:0 a.m.28 views

MyBB 1.8.3 Remote Code Execution Exploit

Exploit for php platform in category web applications GMP Deserialization Type Confusion Vulnerability MyBB - Write Date: 2015.4.28 - Release Date: 2017.1.20 A type-confusion vulnerability was discovered in GMP deserialization with crafted object's wakeup magic method that can be abused for...

Exploits0
Packet Storm
Packet Storm
added 2017/01/22 12:0 a.m.78 views

PHP 5.6.x / MyBB 1.8.3 Remote Code Execution

GMP Deserialization Type Confusion Vulnerability MyBB - Write Date: 2015.4.28 - Release Date: 2017.1.20 A type-confusion vulnerability was discovered in GMP deserialization with crafted object's wakeup magic method that can be abused for updating any already assigned properties of any already...

Exploits0
exploitpack
exploitpack
added 2017/01/20 12:0 a.m.12 views

MyBB 1.8.3 (with PHP 5.6 5.6.11) - Remote Code Execution

MyBB 1.8.3 with PHP 5.6 5.6.11 - Remote Code Execution GMP Deserialization Type Confusion Vulnerability MyBB - Write Date: 2015.4.28 - Release Date: 2017.1.20 A type-confusion vulnerability was discovered in GMP deserialization with crafted object's wakeup magic method that can be abused for...

Exploits0
Exploit DB
Exploit DB
added 2017/01/20 12:0 a.m.36 views

MyBB < 1.8.3 (with PHP 5.6 < 5.6.11) - Remote Code Execution

GMP Deserialization Type Confusion Vulnerability MyBB - Write Date: 2015.4.28 - Release Date: 2017.1.20 A type-confusion vulnerability was discovered in GMP deserialization with crafted object's wakeup magic method that can be abused for updating any already assigned properties of any already...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2017/01/16 1:37 p.m.28 views

Internet Bug Bounty: GMP Deserialization Type Confusion Vulnerability [MyBB <= 1.8.3 RCE Vulnerability]

GMP Deserialization Type Confusion Vulnerability MyBB - Write Date: 2015.4.28 A type-confusion vulnerability was discovered in GMP deserialization with crafted object's wakeup magic method that can be abused for updating any already assigned properties of any already created objects, this result ...

7.8AI score
Exploits0
OpenVAS
OpenVAS
added 2016/10/05 12:0 a.m.51 views

Ubuntu: Security Advisory (USN-3095-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.16482EPSS
Exploits17References2
Hacker One
Hacker One
added 2016/08/17 6:46 a.m.25 views

Internet Bug Bounty: Use After Free Vulnerability in unserialize()

bug report at: https://bugs.php.net/bug.php?id=70436 fix commit at: https://github.com/php/php-src/commit/95d09e4b5e6b84f8340efe03e8e2f9c1380228db Use After Free Vulnerability in unserialize Taoguang Chen - Write Date: 2015.9.6 - Release Date: 2016.8.18 A use-after-free vulnerability was discover...

8AI score
Exploits0
seebug.org
seebug.org
added 2015/09/12 12:0 a.m.25 views

PHP 5.6 / 5.5 / 5.4 Session Deserialized Use-After-Free

Use After Free Vulnerabilities in Session DeserializerTaoguang Chen @chtg - Write Date: 2015.8.9- Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in session deserializer php/phpbinary/phpserialize that can be abused for leaking arbitrary memory blocks or execute...

8AI score
Exploits0
0day.today
0day.today
added 2015/09/09 12:0 a.m.20 views

PHP GMP unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Use After Free Vulnerability in unserialize with GMP Taoguang Chen Write Date: 2015.8.17 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with GMP object's deserialization that can be abused for leaking arbitrary...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2015/09/09 12:0 a.m.17 views

PHP GMP - &#039;unserialize()&#039; Use-After-Free

Use After Free Vulnerability in unserialize with GMP Taoguang Chen Write Date: 2015.8.17 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with GMP object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/09/09 12:0 a.m.110 views

PHP 5.4/5.5/5.6 - SplObjectStorage &#039;Unserialize()&#039; Use-After-Free

Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's deserialization and crafted object's wakeup magic method that can be...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/09/09 12:0 a.m.29 views

PHP 5.4/5.5/5.6 - &#039;Unserialize()&#039; Use-After-Free

Use After Free Vulnerabilities in unserialize Taoguang Chen Write Date: 2015.7.31 Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in unserialize with Serializable class that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely. Affect...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2015/09/09 12:0 a.m.11 views

PHP 5.45.55.6 - SplObjectStorage Unserialize() Use-After-Free

PHP 5.45.55.6 - SplObjectStorage Unserialize Use-After-Free Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2015/09/09 12:0 a.m.13 views

PHP 5.45.55.6 - SplDoublyLinkedList Unserialize() Use-After-Free

PHP 5.45.55.6 - SplDoublyLinkedList Unserialize Use-After-Free Yet Another Use After Free Vulnerability in unserialize with SplDoublyLinkedList Taoguang Chen - Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplDoublyLinkedList object...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2015/09/09 12:0 a.m.65 views

PHP 5.4/5.5/5.6 - SplDoublyLinkedList &#039;Unserialize()&#039; Use-After-Free

Yet Another Use After Free Vulnerability in unserialize with SplDoublyLinkedList Taoguang Chen - Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplDoublyLinkedList object's deserialization and crafted object's wakeup magic method tha...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2015/09/09 12:0 a.m.15 views

PHP GMP - unserialize() Use-After-Free

PHP GMP - unserialize Use-After-Free Use After Free Vulnerability in unserialize with GMP Taoguang Chen Write Date: 2015.8.17 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with GMP object's deserialization that can be abused for leaking arbitrary memory block...

0.2AI score
Exploits0
0day.today
0day.today
added 2015/09/09 12:0 a.m.23 views

PHP SplDoublyLinkedList unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Yet Another Use After Free Vulnerability in unserialize with SplDoublyLinkedList Taoguang Chen - Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplDoublyLinkedList object's deserializati...

7AI score
Exploits0
0day.today
0day.today
added 2015/09/09 12:0 a.m.18 views

PHP unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Use After Free Vulnerabilities in unserialize Taoguang Chen Write Date: 2015.7.31 Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in unserialize with Serializable class that can be abused for leaking arbitrary memory...

7AI score
Exploits0
0day.today
0day.today
added 2015/09/09 12:0 a.m.15 views

PHP SplObjectStorage unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's deserialization and...

7AI score
Exploits0
Rows per page
Query Builder