CVE-2024-1225
CVE-2024-1225 affects QiboSoft QiboCMS X1 up to 1.0.6. The vulnerability resides in the Pay.php function rmb_pay, where manipulating the callback_class argument leads to deserialization. The issue can be exploited remotely and has been publicly disclosed. Connected sources consistently describe a...