Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Contao Deserialization of Untrusted Data Vulnerability (CVE-2014-1860)

Description

Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilities

Remediation

References

Related Vulnerabilities

Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9635)

Oracle Database Server CVE-2017-10120 Vulnerability (CVE-2017-10120)

Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)

WordPress Plugin Theme Blvd Sliders Multiple Security Bypass Vulnerabilities (1.2.3)

WordPress Plugin Asset CleanUp:Page Speed Booster Cross-Site Scripting (1.3.6.7)

Severity

Critical

Classification

CVE-2014-1860 CWE-502 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities