4 matches found
CVE-2022-47083
A PHP Object Injection vulnerability in the unserialize function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application...
CVE-2022-47083
A PHP Object Injection vulnerability in the unserialize function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application...
CVE-2022-47083
CVE-2022-47083 affects Spitfire CMS 1.0.475 and is a PHP Object Injection via unsafe use of unserialize(), enabling authenticated attackers to execute arbitrary code by sending crafted requests. Concrete details from multiple sources cite the vulnerability in the cms_backup_values handling (e.g.,...
Spitfire CMS 1.0.475 (cms_backup_values) PHP Object Injection
Summary Spitfire is a system to manage the content of webpages. Description The application is prone to a PHP Object Injection vulnerability due to the unsafe use of unserialize function. A potential attacker, authenticated, could exploit this vulnerability by sending specially crafted requests t...