Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/12/19 2:9 p.m.5 views

CVE-2025-63950

An insecure deserialization vulnerability exists in the download.php script of the to3k Twittodon application through commit b1c58a7d1dc664b38deb486ca290779621342c0b 2023-02-28. The 'obj' parameter receives base64-encoded data that is passed directly to the unserialize function without validation...

7.5CVSS7.2AI score0.00437EPSS
Exploits1References1
NVD
NVD
added 2025/12/18 9:15 p.m.3 views

CVE-2025-63950

An insecure deserialization vulnerability exists in the download.php script of the to3k Twittodon application through commit b1c58a7d1dc664b38deb486ca290779621342c0b 2023-02-28. The 'obj' parameter receives base64-encoded data that is passed directly to the unserialize function without validation...

7.5CVSS0.00437EPSS
Exploits1References2
OSV
OSV
added 2025/12/18 9:15 p.m.3 views

CVE-2025-63950

An insecure deserialization vulnerability exists in the download.php script of the to3k Twittodon application through commit b1c58a7d1dc664b38deb486ca290779621342c0b 2023-02-28. The 'obj' parameter receives base64-encoded data that is passed directly to the unserialize function without validation...

7.5CVSS5.9AI score0.00437EPSS
Exploits1References2
CVE
CVE
added 2025/12/18 12:0 a.m.11 views

CVE-2025-63950

The CVE describes an insecure deserialization vulnerability in the to3k Twittodon application, specifically in the download.php script where the obj parameter is base64-encoded data passed directly to unserialize() without validation. This allows a remote, unauthenticated attacker to inject arbit...

7.5CVSS6.8AI score0.00437EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder