Karim Ouerghemmi

3 exploits Active since Jan 2019
CVE-2019-12799 METASPLOIT HIGH ruby WORKING POC
Shopware 5.3.0-5.6.x - Remote Code Execution via PHP Object Instantiation Bypass
In createInstanceFromNamedArguments in Shopware through 5.6.x, a crafted web request can trigger a PHP object instantiation vulnerability, which can result in an arbitrary deserialization if the right class is instantiated. An attacker can leverage this deserialization to achieve remote code execution. NOTE: this issue is a bypass for a CVE-2017-18357 whitelist patch.
CVSS 8.8
CVE-2017-18357 METASPLOIT MEDIUM ruby WORKING POC
Shopware < 5.3.4 - PHP Object Instantiation and XXE via ProductStream Controller
Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via instantiation of a SimpleXMLElement object.
CVSS 6.5
CVE-2017-18357 EXPLOITDB MEDIUM ruby WORKING POC
Shopware < 5.3.4 - PHP Object Instantiation and XXE via ProductStream Controller
Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via instantiation of a SimpleXMLElement object.
CVSS 6.5