• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-502

CVE-2022-44351

February 23, 2023 by godfreyd94

Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php.

CVE-2022-44371

February 23, 2023 by godfreyd94

hope-boot 1.0.0 has a deserialization vulnerability that can cause Remote Code Execution (RCE).

CVE-2022-4324

February 23, 2023 by godfreyd94

The Custom Field Template WordPress plugin before 2.5.8 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import (intentionally or not) a malicious Customizer Styling file and a suitable gadget chain is present on the blog.

CVE-2022-4323

February 23, 2023 by godfreyd94

The Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present

CVE-2022-43019

February 23, 2023 by godfreyd94

OpenCATS v0.9.6 was discovered to contain a remote code execution (RCE) vulnerability via the getDataGridPager’s ajax functionality.

CVE-2022-4302

February 23, 2023 by godfreyd94

The White Label CMS WordPress plugin before 2.5 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 103
  • Go to page 104
  • Go to page 105
  • Go to page 106
  • Go to page 107
  • Interim pages omitted …
  • Go to page 129
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE