CVE-2025-47784

MEDIUM Year: 2025
Weakness Type
CWE-502
View all →

Vulnerability Description

Emlog is an open source website building system. Versions 2.5.13 and prior have a deserialization vulnerability. A user who creates a carefully crafted nickname can cause `str_replace` to replace the value of `name_orig` with empty, causing deserialization to fail and return `false`. Commit 9643250802188b791419e3c2188577073256a8a2 fixes the issue.

Related Vulnerabilities

CVE-2018-19276

CRITICAL
CVSS:10.0(Critical)

OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a...

CWE-5022018

CVE-2018-3972

CRITICAL
CVSS:10.0(Critical)

An exploitable code execution vulnerability exists in the Levin deserialization functionality of the Epee library, as used in Monero 'Lithium Luna' (v0.12.2.0-master-ffab6700) and other cryptocurrenci...

CWE-5022018

CVE-2019-19810

CRITICAL
CVSS:10.0(Critical)

Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending craft...

CWE-5022019

CVE-2020-15148

CRITICAL
CVSS:10.0(Critical)

Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workarou...

CWE-5022020

CVE-2021-37181

CRITICAL
CVSS:10.0(Critical)

A vulnerability has been identified in Cerberus DMS V4.0 (All versions), Cerberus DMS V4.1 (All versions), Cerberus DMS V4.2 (All versions), Cerberus DMS V5.0 (All versions < v5.0 QU1), Desigo CC Comp...

CWE-5022021

CVE-2022-38650

CRITICAL
CVSS:10.0(Critical)

A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to run arbitrary code or malware wit...

CWE-5022022