MidnightBSD

Advisories for spitfire_project

CVE-2022-47083

A PHP Object Injection vulnerability in the unserialize() function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application.

Products Affected

Vendor Product Version
spitfire_project spitfire 1.0475