Lucene search
BugbangWPVDB-ID:FB6C407C-713C-4E83-92CE-4E5F791BE696HistoryJun 08, 2021 - 12:00 a.m.
JoomSport < 5.1.8 - Unauthenticated PHP Object Injection
2021-06-0800:00:00
Bugbang
wpscan.com
10
0.006 Low
EPSS
Percentile
78.3%
The joomsport_md_load AJAX action of the plugin, registered for both unauthenticated and unauthenticated users, unserialised user input from the shattr POST parameter, leading to a PHP Object Injection issue. Even though the plugin does not have a suitable gadget chain to exploit this, other installed plugins could, which might lead to more severe issues such as RCE
PoC
POST /wp-admin/admin-ajax.php […] action=joomsport_md_load&mdId;=1&shattr;=Tzo0OiJURVNUIjowOnt9
| CPE | Name | Operator | Version |
|---|---|---|---|
| joomsport-sports-league-results-management | lt | 5.1.8 |
Related
cve
cve
CVE-2021-24384
2021-07-06 11:15:08
patchstack
patchstack
nvd
nvd
CVE-2021-24384
2021-07-06 11:15:08
wpexploit
wpexploit
JoomSport < 5.1.8 - Unauthenticated PHP Object Injection
2021-06-08 00:00:00
prion
prion
Crlf injection
2021-07-06 11:15:00
cvelist
cvelist
CVE-2021-24384 JoomSport < 5.1.8 - Unauthenticated PHP Object Injection
2021-07-06 11:03:27