Lucene search
GoogleOSV:GHSA-FMQQ-HW9M-448QHistoryMay 24, 2022 - 5:16 p.m.
Subrion CMS PHP Object Injection
2022-05-2417:16:53
Google
osv.dev
6
subrion cms
php
object injection
vulnerability
admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.
References
belong2yourself.github.io/vulnerabilities/docs/Subrion%20CMS/Insecure%20Deserialization/Subpages%20-%20Authenticated%20PHP%20Object%20Injection/readme
github.com/belong2yourself/vulnerabilities/tree/master/Subrion%20CMS/Insecure%20Deserialization/Subpages%20-%20Authenticated%20PHP%20Object%20Injection
github.com/intelliants/subrion
nvd.nist.gov/vuln/detail/CVE-2020-12469
Related
cvelist
cvelist
CVE-2020-12469
2020-04-29 19:58:37
nvd
nvd
CVE-2020-12469
2020-04-29 21:15:12
veracode
veracode
PHP Object Injection
2020-04-30 04:04:15
prion
prion
Design/Logic Flaw
2020-04-29 21:15:00
github
github
Subrion CMS PHP Object Injection
2022-05-24 17:16:53
cve
cve
CVE-2020-12469
2020-04-29 21:15:12
osv
osv
CVE-2020-12469
2020-04-29 21:15:12