2 matches found
CVE-2019-9057
An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection...
CVE-2019-9057
CVE-2019-9057 affects CMS Made Simple 2.2.8 in the FilePicker module, where an unserialize call with an untrusted parameter allows authenticated object injection. NVD notes a CVSS2 base score of 6.5 and CVSS3.1 base score of 8.8 (high). Connected sources reference a fixed release in CMS Made Simp...