Full title: Spitfire CMS 1.0.475 PHP Object Injection Vulnerability 
Category: web applications
Platform: php
Spitfire CMS version 1.0.475 is prone to a PHP object injection vulnerability due to the unsafe use of unserialize() function. A potential attacker, authenticated, could exploit this vulnerability by sending specially crafted requests to the web application containing malicious serialized input.

# 0day.today @ http://0day.today/