2 matches found
The vulnerability of the `getIterator` function in the symfony\finder\Iterator\SortableIterator.php file of the PHP framework Yii allows a attacker to execute arbitrary code.
The vulnerability of the getIterator function in the symfony\finder\Iterator\SortableIterator.php file of the PHP framework Yii is related to deserialization mechanism vulnerabilities. Exploiting this vulnerability could allow an attacker to execute arbitrary code by injecting specially crafted...
Deserialization of Untrusted Data
Overview yiisoft/yii2-dev is a Fast, Secure and Professional PHP Framework. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the Symfony getIterator function. Details Serialization is a process of converting an object into a sequence of bytes which can be...