CVE-2022-47083

Description

A PHP Object Injection vulnerability in the unserialize() function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application.

CVSS Version 3.1

nvd
CVE ID: CVE-2022-47083
Base Score: 8.8
Base Severity: HIGH
Vector String:CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 2.8

Refrence: NVD

Description​

Description