Primary

Context

Eniture Technology LTL Freight Quotes – Day & Ross Edition PHP Object Injection Vulnerability

Vulnerability

Patched

A deserialization vulnerability allowing PHP object injection has been identified in the Eniture Technology LTL Freight Quotes – Day & Ross Edition plugin, affecting versions through 2.1.11. This vulnerability could potentially lead to code execution, SQL injection, path traversal, denial of service, and more, if a suitable object injection chain is exploited.

Impact

Exploitation of this vulnerability allows for PHP object injection, which could be leveraged to execute arbitrary code, inject malicious SQL, traverse file paths inappropriately, cause a denial of service, and potentially more, depending on the presence of a suitable object injection chain.

Remediation

Users of the Eniture Technology LTL Freight Quotes – Day & Ross Edition plugin should update to version 2.1.12 or later to address this vulnerability.

Added: Sep 3, 2025, 3:24 PM

Updated: Sep 3, 2025, 3:24 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.6

exploitability

5.0

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.6

exploitability

5.0

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Eniture Technology LTL Freight Quotes – Day & Ross Edition PHP Object Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

enituretechnology LTL Freight Quotes – Day & Ross Edition

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating