2 matches found
CVE-2019-9061
An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager in the file action.installmodule.php, it is possible to reach an unserialize call with untrusted input and achieve authenticated object injection by using the "install module" feature...
CVE-2019-9061
CMS Made Simple v2.2.8 is affected via the ModuleManager’s action.installmodule.php where an unserialize call with untrusted input can be triggered, enabling authenticated object injection when using the "install module" feature. This is supported across multiple sources (NVD/CVE-2019-9061 and PT...