cve

As part of my research into Gadget Chains and PHP Object Injection, I discovered an unsafe deserialisation vulnerability in The Marketer OpenCart module.

There are Gadget Chains available in Opencart - including a few that I found and submitted to the PHPGGC project:

https://github.com/ambionics/phpggc/pull/199 (not yet merged).

The vulnerability in The Marketer module, combined with these Gadget Chains, allows remote unauthenticated RCE so it got a very high CVSS score.

As part of my research into Gadget Chains and PHP Object Injection, I discovered exploitable vulnerabilities in three different XOOPS modules.

The XOOPS team responded quickly to my report, and fixes were released not long after. They were very good to work with.

They published details here:

https://xoops.org/modules/newbb/viewtopic.php?topic_id=79555

The specific fixes were:

As part of my research into Gadget Chains and PHP Object Injection, I discovered an exploitable vulnerability in the MODX Login Extra project.

The MODX team responded immediately to my report and a fix was released within hours - very impressive!

They published details here:

https://community.modx.com/t/modx-login-extra-php-object-injection-vulne...

This was assessed as: