The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 up to and including 2.1.0 does not properly handle an object obtained by unserializing a pathname, which allows remote malicious users to conduct PHP object injection attacks and delete arbitrary files via vectors involving a Zend_Http_Response_Stream object.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pimcore pimcore 1.4.9 |
||
pimcore pimcore 1.5.0 |
||
pimcore pimcore 2.1.0 |