Topic: php object deserialization

Sort by: Relevance | Date
  • 84,000+ Roundcube Servers at Risk from Active Exploit
    June 11, 2025
    85%

    84,000+ Roundcube Servers at Risk from Active Exploit

    A critical vulnerability (CVE-2025-49113) in Roundcube webmail servers (versions 1.1.0–1.6.10) exposes over 84,000 systems to remote code execution due to improper input sanitization in the `$_GET['_from']` parameter. Attackers can exploit the flaw via CSRF, credential scraping, or brute-force te...

    Read More »
  • Critical Roundcube Webmail Exploit Sold as Tech Details Leak
    June 7, 2025
    80%

    Critical Roundcube Webmail Exploit Sold as Tech Details Leak

    A critical vulnerability (CVE-2025-49113) in Roundcube webmail software is being actively exploited, allowing remote code execution after authentication, with a severity rating of 9.9/10. Hackers reverse-engineered the patch and are selling exploits online, targeting Roundcube’s widespread use in...

    Read More »

Related Topics

roundcube vulnerability cve-2025-49113 (2) remote code execution rce (1) exploit reverse-engineering (1) underground exploit market (1) widespread roundcube usage (1) patch urgency (1) cybersecurity threat landscape (1) Mitigation Strategies (1)
Close

Adblock Detected

We noticed you're using an ad blocker. To continue enjoying our content and support our work, please consider disabling your ad blocker for this site. Ads help keep our content free and accessible. Thank you for your understanding!