The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x before 6.3.8-s1 allows remote attackers to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-07-19T17:00:00

Updated: 2024-08-06T10:06:00.206Z

Reserved: 2014-03-06T00:00:00

Link: CVE-2014-2302

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-07-19T17:29:00.313

Modified: 2024-11-21T02:06:02.167

Link: CVE-2014-2302

cve-icon Redhat

No data.