Open Web Analytics (OWA) before 1.5.7 allows remote attackers to conduct PHP object injection attacks via a crafted serialized object in the owa_event parameter to queue.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-04-17T19:00:00
Updated: 2024-08-06T10:06:00.285Z
Reserved: 2014-03-06T00:00:00
Link: CVE-2014-2294
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-04-17T19:29:00.217
Modified: 2018-05-22T15:05:13.843
Link: CVE-2014-2294
Redhat
No data.