CVE-2023-6654 | PHPEMS 6.x/7.0 Session Data lib/session.cls.php deserialization

Posted by Angelo Barbosa | Dec 9, 2023 | CVE

A vulnerability classified as critical was found in PHPEMS 6.x/7.0. Affected by this vulnerability is an unknown functionality in the library lib/session.cls.php of the component Session Data Handler. The manipulation leads to deserialization.

This vulnerability is known as CVE-2023-6654. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2023-6654 | PHPEMS 6.x/7.0 Session Data lib/session.cls.php deserialization

Related Posts

CVE-2024-8594 | Autodesk AutoCAD 2025.1 MODEL File libodxdll.dll heap-based overflow

CVE-2024-1780 | BizCalendar Plugin up to 1.1.0.19 on WordPress tab cross site scripting

CVE-2024-4448 | wpdevteam Essential Addons for Elementor Plugin up to 5.9.19 on WordPress cross site scripting

CVE-2024-31306 | WPDeveloper Essential Blocks for Gutenberg Plugin up to 4.5.3 on WordPress cross site scripting