PHP Object Injection Vulnerability in Open Web Analytics (OWA) 1.5.7 and earlier
CVE-2014-2294 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Open Web Analytics (OWA) before 1.5.7 allows remote attackers to conduct PHP object injection attacks via a crafted serialized object in the owa_event parameter to queue.php.
Learn more about our Web App Pen Testing.