Description

plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors.

Remediation

References

CVE-2013-3242

Related Vulnerabilities

Oracle Database Server CVE-2019-2547 Vulnerability (CVE-2019-2547)

Apache 2.x version older than 2.0.46

WordPress Plugin RocketTheme RokBox 'jwplayer.swf' Cross-Site Scripting (2.11)

IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2023-38371)

WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.9)

Severity

Medium

Classification

CVE-2013-3242 CWE-20

Tags

Missing Update Known Vulnerabilities