Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits

Updated on January 30, 2025

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances.
“When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server,” Sonar researcher Yaniv Nizry said in a write-up published earlier this week.

The…

Read the rest of the story at Read More

Source: The Hacker News

February 18, 2025 Uncategorized

Cybercriminals Exploit Onerror Event in ...

March 7, 2025 Uncategorized

PHP-CGI RCE Flaw Exploited in Attacks on...

December 10, 2024 Uncategorized

Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits

Related posts

Cybercriminals Exploit Onerror Event in ...

PHP-CGI RCE Flaw Exploited in Attacks on...

The Future of Network Security: Automate...

Leave a Comment Cancel reply

Recent News

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support