Open Web Analytics (OWA) prior to 1.5.7 allows remote malicious users to conduct PHP object injection attacks via a crafted serialized object in the owa_event parameter to queue.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openwebanalytics open web analytics |