Spitfire CMS 1.0.475 PHP Object Injection
Posted by deepcore on December 10, 2022 – 5:51 pm
Spitfire CMS version 1.0.475 is prone to a PHP object injection vulnerability due to the unsafe use of unserialize() function. A potential attacker, authenticated, could exploit this vulnerability by sending specially crafted requests to the web application containing malicious serialized input.
Post a reply
You must be logged in to post a comment.