CVE-2014-1860

Published: Jan 8, 2020Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilities

Affected (1)

Products: Contao: Contao Cms

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Contao Contao Cms	Up to 3.2.4

Related CWEs

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (10)

http://www.openwall.com/lists/oss-security/2014/02/03/14

Source: cve@mitre.org

Mailing ListPatchThird Party Advisory

http://www.openwall.com/lists/oss-security/2014/02/07/7

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/65293

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://packetstormsecurity.com/files/cve/CVE-2014-1860

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://www.exploit-database.net/?id=21609

Source: cve@mitre.org

ExploitThird Party Advisory

http://www.openwall.com/lists/oss-security/2014/02/03/14

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

http://www.openwall.com/lists/oss-security/2014/02/07/7

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/65293

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://packetstormsecurity.com/files/cve/CVE-2014-1860

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.exploit-database.net/?id=21609

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.