WEB APPLICATION VULNERABILITIES Standard & Premium

Contao Deserialization of Untrusted Data Vulnerability (CVE-2014-1860)

Description

Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilities

Remediation

References

Related Vulnerabilities

MySQL Out-of-bounds Write Vulnerability (CVE-2020-15358)

Oracle JRE CVE-2013-1479 Vulnerability (CVE-2013-1479)

Internet Information Services Other Vulnerability (CVE-2003-0224)

Oracle JRE CVE-2020-2773 Vulnerability (CVE-2020-2773)

WordPress Plugin Advanced Custom Fields (ACF) 'acf_abspath' Parameter Remote File Include (3.5.1)

Severity

Critical

Classification

CVE-2014-1860 CWE-502 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities