The installer script in webEdition CMS prior to 6.2.7-s1 and 6.3.x prior to 6.3.8-s1 allows remote malicious users to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
webedition webedition cms 6.2.7.0 |
||
webedition webedition cms |
||
webedition webedition cms 6.3.8 |