2 matches found
CVE-2017-5543
includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote attackers to conduct PHP Object Injection attacks via crafted serialized data in a salt cookie in a login request...
CVE-2017-5543
CVE-2017-5543 affects Subrion CMS 4.0.5 where a vulnerable PHP file, includes/classes/ia.core.users.php, allows remote attackers to perform PHP Object Injection via crafted serialized data in a salt cookie during login. Public references and CVSS indicate a high-severity impact (NVD lists base sc...