2 matches found
Exploit for Deserialization of Untrusted Data in Phpems
CVE-2023-6654 PHPEMS Cookie Deserialization Vulnerability...
CVE-2023-6654
PHPEMS vulnerable in Library: deserialization flaw in lib/session.cls.php of Session Data Handler across PHPEMS 6.x–9.0. Deserialization manipulation allows remote abuse; exploit disclosed publicly (VDB-247357). Several sources corroborate: CVE-2023-6654 entry notes remote attack and public explo...