Lucene search
+L

1329 matches found

ptsecurity
ptsecurity
added 2026/05/01 12:0 a.m.12 views

PT-2026-36488

Name of the Vulnerable Software and Affected Versions MixPHP Framework versions 2.x through 2.2.17 Description An unsafe deserialization issue exists in the sync-invoke client within the Connection.php file at line 76. The client uses the unserialize function on data received from server response...

8.1CVSS6.6AI score0.01757EPSS
Exploits2References7
cnnvd
cnnvd
added 2026/05/01 12:0 a.m.12 views

Mix PHP 代码问题漏洞

Mix PHP is Mix PHP open source a PHP command line mode development framework that supports seamless multi-server ecosystem switching. A code issue vulnerability exists in Mix PHP versions 2.x through 2.2.17 that stems from a session and cache handler call to unserialize on file system data in the...

9.8CVSS5.9AI score0.0038EPSS
Exploits0References1
github
github
added 2026/04/14 12:7 a.m.7 views

Craft Commerce has a SQL Injection can lead to Remote Code Execution via TotalRevenue Widget

Summary A SQL injection in the Commerce TotalRevenue widget can lead to remote code execution through a chain of four vulnerabilities: SQL Injection -- The TotalRevenue stat interpolates unsanitized widget settings directly into a sprintf-based SQL Expression. Any control panel user can create an...

7.7CVSS6.7AI score0.00476EPSS
Exploits0References4Affected Software1
snyk
snyk
added 2026/04/13 9:13 p.m.3 views

SQL Injection

Overview craftcms/commerce is a Craft Commerce Affected versions of this package are vulnerable to SQL Injection via the TotalRevenue widget, where unsanitized widget settings are interpolated into SQL expressions. An attacker can execute arbitrary commands on the server by injecting a maliciousl...

7.7CVSS6.4AI score0.00476EPSS
Exploits0References2
osv
osv
added 2026/04/13 8:19 p.m.2 views

CVE-2026-32271 Craft Commerce: SQL Injection can lead to Remote Code Execution via TotalRevenue Widget

Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through 4.10.2 and 5.0.0 through 5.5.4, there is an SQL injection vulnerability in the Commerce TotalRevenue widget which allows any authenticated control panel user to achieve remote code execution through a four-step...

7.7CVSS6.7AI score0.00476EPSS
Exploits0References4
zeroscience
zeroscience
added 2026/04/12 12:0 a.m.71 views

Pachno 1.0.6 FileCache Deserialization Remote Code Execution

Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...

9.8CVSS6.4AI score0.00484EPSS
Exploits1
nvd
nvd
added 2026/04/08 2:16 a.m.11 views

CVE-2026-3296

The Everest Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.4.3 via deserialization of untrusted input from form entry metadata. This is due to the html-admin-page-entries-view.php file calling PHP's native unserialize on stored entry meta...

9.8CVSS0.00878EPSS
Exploits1References6
cve
cve
added 2026/04/08 1:24 a.m.51 views

CVE-2026-3296

The Everest Forms WordPress plugin ( 3.4.3 (e.g., 3.4.4 or later) to fix the issue. If upgrading is not immediate, disable or audit admin entry views to avoid triggering deserialization.

9.8CVSS5.9AI score0.00878EPSS
In wildExploits1References6
euvd
euvd
added 2026/04/08 1:24 a.m.6 views

EUVD-2026-20020

The Everest Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.4.3 via deserialization of untrusted input from form entry metadata. This is due to the html-admin-page-entries-view.php file calling PHP's native unserialize on stored entry meta...

9.8CVSS5.9AI score0.00878EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2026/04/08 12:0 a.m.10 views

PT-2026-31067

Name of the Vulnerable Software and Affected Versions Everest Forms plugin for WordPress versions up to and including 3.4.3 Description The Everest Forms plugin for WordPress is susceptible to PHP Object Injection due to the unsafe deserialization of untrusted input from form entry metadata. The...

9.8CVSS5.8AI score0.00878EPSS
Exploits1References19
redhatcve
redhatcve
added 2026/04/03 4:59 p.m.4 views

CVE-2026-29782

OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the oauth2.php file in OpenSTAManager is an unauthenticated endpoint $skippermissions = true. It loads a record from the zzoauth2 table using the attacker-controlled GET parameter...

7.2CVSS5.8AI score0.0057EPSS
Exploits1References1
nvd
nvd
added 2026/04/02 2:16 p.m.5 views

CVE-2026-29782

OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the oauth2.php file in OpenSTAManager is an unauthenticated endpoint $skippermissions = true. It loads a record from the zzoauth2 table using the attacker-controlled GET parameter...

7.2CVSS0.0057EPSS
Exploits1References3
attackerkb
attackerkb
added 2026/04/02 1:42 p.m.5 views

CVE-2026-29782

OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the oauth2.php file in OpenSTAManager is an unauthenticated endpoint $skippermissions = true. It loads a record from the zzoauth2 table using the attacker-controlled GET parameter...

7.2CVSS5.8AI score0.0057EPSS
Exploits1References4Affected Software1
github
github
added 2026/04/01 7:46 p.m.31 views

OpenSTAManager Affected by Remote Code Execution via Insecure Deserialization in OAuth2

Description The oauth2.php file in OpenSTAManager is an unauthenticated endpoint $skippermissions = true. It loads a record from the zzoauth2 table using the attacker-controlled GET parameter state, and during the OAuth2 configuration flow calls unserialize on the accesstoken field without any...

7.2CVSS6.3AI score0.0057EPSS
Exploits1References5Affected Software1
osv
osv
added 2026/04/01 7:46 p.m.25 views

GHSA-WHV5-4Q2F-Q68G OpenSTAManager Affected by Remote Code Execution via Insecure Deserialization in OAuth2

Description The oauth2.php file in OpenSTAManager is an unauthenticated endpoint $skippermissions = true. It loads a record from the zzoauth2 table using the attacker-controlled GET parameter state, and during the OAuth2 configuration flow calls unserialize on the accesstoken field without any...

7.2CVSS6.3AI score0.0057EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2026/04/01 12:0 a.m.8 views

PT-2026-29658

Description The oauth2.php file in OpenSTAManager is an unauthenticated endpoint $skip permissions = true. It loads a record from the zz oauth2 table using the attacker-controlled GET parameter state, and during the OAuth2 configuration flow calls unserialize on the access token field without any...

7.2CVSS6.3AI score0.0057EPSS
Exploits1References6
redhatcve
redhatcve
added 2026/03/30 10:18 a.m.6 views

CVE-2026-33993

A flaw was found in Locutus, a library that integrates standard libraries from other programming languages into JavaScript. The unserialize function, which converts serialized PHP data into JavaScript objects, fails to filter the proto key during deserialization. A remote attacker can exploit thi...

9.8CVSS5.9AI score0.00583EPSS
Exploits1References7
githubexploit
githubexploit
added 2026/03/30 8:49 a.m.136 views

tudo-exploits-oswe-prep

tudo-exploits-oswe-prep A project contains all exploits of vul...

6AI score
Exploits0
veracode
veracode
added 2026/03/28 5:29 a.m.13 views

Deserialization Of Untrusted Data

Saloon is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to unsafe use of PHP’s unserialize with allowedclasses enabled when restoring OAuth token state, which allows an attacker to supply malicious serialized objects and trigger execution of arbitrary code via gadget...

9.8CVSS6.3AI score0.00622EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2026/03/27 11:17 p.m.7 views

CVE-2026-33993

Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.25, the unserialize function in locutus/php/var/unserialize assigns deserialized keys to plain objects via bracket notation without filtering the proto key. When a PHP serialized...

9.8CVSS0.00583EPSS
Exploits1References4
Rows per page
Query Builder