Saloon 代码问题漏洞

Saloon is a PHP API integration and SDK library developed by Saloon PHP Open Source. Versions of Saloon prior to 4.0.0 had code vulnerabilities. These vulnerabilities stemmed from the use of un serialize in AccessTokenAuthenticator::un serialize, which used PHP’s un serialize method to restore th...

EUVD-2026-13374

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions up to and including 8.9.2 contain an unsafe deserialization vulnerability in the SavedSearch filter processing component that allows an authenticated administrator to execute arbitrary...

EUVD-2026-11096

The divi-booster WordPress plugin before 5.0.2 does not have authorization and CSRF checks in one of its fixing function, allowing unauthenticated users to modify stored divi-booster WordPress plugin before 5.0.2 options. Furthermore, due to the use of unserialize on the data, this could be furth...

DEBIAN-CVE-2023-30534

Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory phpseclib, the necessary gadgets are not included, making them inaccessible an...

CVE-2019-19909

PKP pkp-lib before 3.1.2-2 and OJS before 3.1.2-2 are affected. A crafted URL can trigger code injection in the OJS report generator via unserialize when an authenticated Journal Manager visits it. Remediation: upgrade to pkp-lib 3.1.2-2 or later and OJS 3.1.2-2 or later (or apply vendor-provided...