Remote PHP Object Injection Vulnerability in webEdition CMS Installer Script

Remote PHP Object Injection Vulnerability in webEdition CMS Installer Script

CVE-2014-2302 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x before 6.3.8-s1 allows remote attackers to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org.

Learn more about our Web App Pen Testing.