1305 matches found

Prion
added 2019/04/11 8:29 p.m. | 19 views

Design/Logic Flaw

An issue was discovered in CMS Made Simple 2.2.8. In the module FrontEndUsers in the file class.FrontEndUsersManipulate.php or class.FrontEndUsersManipulator.php, it is possible to reach an unserialize call with an untrusted FEU cookie, and achieve authenticated object injection...

6.5 CVSS | 8.7 AI score | 0.01289 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Metasploit
added 2019/04/07 8:44 p.m. | 75 views

Pimcore Unserialize RCE

This module exploits a PHP unserialize in Pimcore before 5.7.1 to execute arbitrary code. An authenticated user with "classes" permission could exploit the vulnerability. The vulnerability exists in the "ClassController.php" class, where the "bulk-commit" method makes it possible to exploit the...

8.8 CVSS | 7.4 AI score | 0.69356 EPSS
Exploits: 5
Prion
added 2019/04/04 6:29 p.m. | 18 views

Design/Logic Flaw

An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to...

6.5 CVSS | 8.4 AI score | 0.69356 EPSS
Exploits: 5 | References: 6 | Affected Software: 1
OSV
added 2019/04/04 6:29 p.m. | 26 views

CVE-2019-10867

An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to...

8.8 CVSS | 6.5 AI score
Exploits: 0 | References: 6
NVD
added 2019/04/04 6:29 p.m. | 27 views

CVE-2019-10867

An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to...

8.8 CVSS | 8.5 AI score | 0.69356 EPSS
Exploits: 5 | References: 6
CVE
added 2019/04/04 5:51 p.m. | 106 views

CVE-2019-10867

Pimcore before 5.7.1 contains an unserialize RCE vulnerability. An attacker with classes permission can send a POST to /admin/class/bulk-commit, which triggers unserialize when untrusted data is passed to bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php. This exposes a remote c...

8.8 CVSS | 8.3 AI score | 0.69356 EPSS
Exploits: 5 | References: 6 | Affected Software: 1
ATTACKERKB
added 2019/04/04 12:0 a.m. | 24 views

Pimcore Deserialization Vulnerability

In Pimcore versions prior to 5.7.1, a deserialization vulnerability exists in the handler function for the bulk-commit POST request. Recent assessments: space-r7 at September 12, 2019 6:07pm UTC reported: Details There exists a PHP deserialization vulnerability in Pimcore versions prior to 5.7.1...

8.8 CVSS | 9.2 AI score | 0.69356 EPSS
Exploits: 5 | References: 6
OSV
added 2019/03/26 5:29 p.m. | 0 views

CVE-2019-9061

An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager in the file action.installmodule.php, it is possible to reach an unserialize call with untrusted input and achieve authenticated object injection by using the "install module" feature...

8.8 CVSS | 7.3 AI score | 0.01599 EPSS
Exploits: 0 | References: 2
OSV
added 2019/03/26 5:29 p.m. | 3 views

CVE-2019-9055

An issue was discovered in CMS Made Simple 2.2.8. In the module DesignManager in the files action.adminbulkcss.php and action.adminbulktemplate.php, with an unprivileged user with Designer permission, it is possible to reach an unserialize call with a crafted value in the m1allparms parameter, and...

8.8 CVSS | 7.3 AI score | 0.12503 EPSS
Exploits: 3 | References: 4
OSV
added 2019/03/26 5:29 p.m. | 1 views

CVE-2019-9057

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection...

8.8 CVSS | 5.8 AI score | 0.01599 EPSS
Exploits: 0 | References: 2
NVD
added 2019/03/26 5:29 p.m. | 18 views

CVE-2019-9057

An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection...

8.8 CVSS | 8.8 AI score | 0.01599 EPSS
Exploits: 0 | References: 2
NVD
added 2019/03/26 5:29 p.m. | 16 views

CVE-2019-9061

An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager in the file action.installmodule.php, it is possible to reach an unserialize call with untrusted input and achieve authenticated object injection by using the "install module" feature...

8.8 CVSS | 8.7 AI score | 0.01599 EPSS
Exploits: 0 | References: 2
Prion
added 2019/03/26 5:29 p.m. | 17 views

Design/Logic Flaw

An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager in the file action.installmodule.php, it is possible to reach an unserialize call with untrusted input and achieve authenticated object injection by using the "install module" feature...

6.5 CVSS | 8.6 AI score | 0.01599 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2019/03/26 4:49 p.m. | 19 views

CVE-2019-9061

An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager in the file action.installmodule.php, it is possible to reach an unserialize call with untrusted input and achieve authenticated object injection by using the "install module" feature...

8.8 AI score | 0.01599 EPSS
Exploits: 0 | References: 2
CVE
added 2019/03/26 4:49 p.m. | 53 views

CVE-2019-9061

CMS Made Simple v2.2.8 is affected via the ModuleManager’s action.installmodule.php where an unserialize call with untrusted input can be triggered, enabling authenticated object injection when using the "install module" feature. This is supported across multiple sources (NVD/CVE-2019-9061 and PT...

8.8 CVSS | 8.6 AI score | 0.01599 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Positive Technologies
added 2019/03/26 12:0 a.m. | 5 views

PT-2019-19341 · Cms Made Simple · Cms Made Simple

Name of the Vulnerable Software and Affected Versions: CMS Made Simple version 2.2.8 Description: An issue was discovered in the FilePicker module, where it is possible to reach an unserialize call with an untrusted parameter, achieving authenticated object injection. Recommendations: For CMS Mad...

8.8 CVSS | 8.6 AI score | 0.01599 EPSS
Exploits: 0 | References: 4
CVE0DAY
added 2019/03/07 2:6 p.m. | 281 views

Drupal CVE-2019-6340 Remote Code Execution EXP

Description This Metasploit module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also...

6.8 CVSS | 0.9 AI score | 0.91919 EPSS
Exploits: 22
Exploit DB
added 2019/03/07 12:0 a.m. | 162 views

Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal RESTful Web Services unserialize RCE', 'Description' = %q This module exploits a PHP unserialize vulnerability in Drupal RESTful Web...

8.1 CVSS | 7.4 AI score | 0.91919 EPSS
Exploits: 22
Packet Storm
added 2019/03/06 12:0 a.m. | 74 views

Drupal RESTful Web Services unserialize() Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal RESTful Web Services unserialize RCE', 'Description' = %q This module exploits a PHP unserialize vulnerability in Drupal RESTful Web...

6.8 CVSS | 0.5 AI score | 0.91919 EPSS
Exploits: 22
0day.today
added 2019/03/06 12:0 a.m. | 301 views

Drupal RESTful Web Services unserialize() Remote Code Execution Exploit

This Metasploit module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also vulnerable albei...

6.8 CVSS | 0.2 AI score | 0.91919 EPSS
Exploits: 22