PHP Object Injection Vulnerability in Spitfire CMS 1.0.475

CVE-2022-47083 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A PHP Object Injection vulnerability in the unserialize() function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application.

Learn more about our Web App Pen Testing.