Lucene search

White Label CMS < 2.5 - Admin+ PHP Object Injection

🗓️ 08 Dec 2022 00:00:00Reported by thinhnguyen1337Type

White Label CMS < 2.5 - Admin+ PHP Object Injection. Unserialization of user input via settings allows high-privilege users to perform PHP Object Injection if a suitable gadget is present. To simulate, create a file named "import.txt" with code: O:4:"Evil":0:{}; and import via "Import Settings" feature in White Label CMS

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Vulnrichment	CVE-2022-4302 White Label CMS < 2.5 - Admin+ PHP Object Injection	2 Jan 202321:49	–	vulnrichment
Prion	Design/Logic Flaw	2 Jan 202322:15	–	prion
wpexploit	White Label CMS < 2.5 - Admin+ PHP Object Injection	8 Dec 202200:00	–	wpexploit
CVE	CVE-2022-4302	2 Jan 202322:15	–	cve
Cvelist	CVE-2022-4302 White Label CMS < 2.5 - Admin+ PHP Object Injection	2 Jan 202321:49	–	cvelist
OpenVAS	WordPress White Label CMS Plugin < 2.5 PHP Object Injection Vulnerability	3 Jan 202300:00	–	openvas
NVD	CVE-2022-4302	2 Jan 202322:15	–	nvd

Vulners

Node

videousermanuals white-label-cmsRange<2.5

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Dec 2022 00:00Current

0.5Low risk

Vulners AI Score0.5

EPSS0.12283