Description Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilities Remediation References CVE-2014-1860 Related Vulnerabilities WordPress Plugin VideoWhisper Video Conference Integration 'vw_upload.php' Arbitrary File Upload (4.51) WordPress Other Vulnerability (CVE-2006-6017) Oracle Database Server CVE-2011-0879 Vulnerability (CVE-2011-0879) Claroline Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4844) Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.2) Severity Critical Classification CVE-2014-1860 CWE-502 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities