Exploits / Vulnerability Discovered : 2023-03-31 |
Type : webapps |
Platform : php
This exploit / vulnerability Spitfire cms 1.0.475 php object injection is for educational purposes only and if it is used you will do on your own risk!
Summary: Spitfire is a system to manage the content of webpages.
Desc: The application is prone to a PHP Object Injection vulnerability
due to the unsafe use of unserialize() function. A potential attacker,
authenticated, could exploit this vulnerability by sending specially
crafted requests to the web application containing malicious serialized
input.