2 matches found
CVE-2013-7034
LiveZilla is vulnerable to PHP Object Injection through the setCookieValue() function in _lib/functions.global.inc.php. The issue allows an attacker to inject a serialized PHP object via a cookie, enabling remote code execution. This vulnerability affects LiveZilla up to version 5.1.2.0 and is fi...
LiveZilla < 5.1.2.1 Multiple Vulnerabilities
The version of LiveZilla hosted on the remote web server is affected by multiple vulnerabilities : - The application is affected by multiple cross-site scripting XSS vulnerabilities because it fails to properly sanitize user-supplied input. Note that CVE-2013-7003 was reportedly fixed in version...