A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. Affected by this issue is the function index of the file app/weixin/controller/index.api.php. The manipulation of the argument picurl leads to deserialization. The exploit has been disclosed to the public and may be used. VDB-253226 is the identifier assigned to this vulnerability.
References
Link | Resource |
---|---|
https://note.zhaoj.in/share/nxGzfEB6fFVY | Broken Link |
https://vuldb.com/?ctiid.253226 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.253226 | Permissions Required Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulDB
Published: 2024-02-09T00:31:06.389Z
Updated: 2024-02-09T00:31:06.389Z
Reserved: 2024-02-08T17:56:57.142Z
Link: CVE-2024-1353
JSON object: View
NVD Information
Status : Modified
Published: 2024-02-09T01:15:09.140
Modified: 2024-05-17T02:35:24.150
Link: CVE-2024-1353
JSON object: View
Redhat Information
No data.
CWE