Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2019-9057

Disclosure Date: March 26, 2019 (last updated November 27, 2024)
An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0