New vulnerability on the NVD: CVE-2014-2293

March 26, 2018

Zikula Application Framework before 1.3.7 build 11 allows remote attackers to conduct PHP object injection attacks and delete arbitrary files or execute arbitrary PHP code via crafted serialized data in the (1) authentication_method_ser or (2) authentication_info_ser parameter to index.php, or (3) zikulaMobileTheme parameter to index.php.

Published at: March 26, 2018 at 11:29PM

Search This Blog

New York Fashion Week

New vulnerability on the NVD: CVE-2014-2293

Comments

Post a Comment

Popular posts from this blog

New story on InStyle: Prince Andrew's Friends Are Now Calling the Allegations Against Him a "Witch Hunt"

New story on InStyle: Melania Trump Leaves Hospital After "Successful" Kidney Surgery

New story on InStyle: How Cannabis Company Lord Jones Was Born