[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] AnchorCMS - PHP Object Injection (CVE-2015-5687) and More

To: fulldisclosure@xxxxxxxxxxxx
Subject: Re: [FD] AnchorCMS - PHP Object Injection (CVE-2015-5687) and More
From: Scott Arciszewski <scott@xxxxxxxxxxxxx>
Date: Fri, 28 Aug 2015 03:20:39 -0400

Corrected links:

> https://github.com/anchorcms/anchor-cms/blob/07933dbc7939326bb4973827a0934d1a610851d1/system/helpers.php#L55-L59
> https://github.com/anchorcms/anchor-cms/blob/66581e5969029e7b6dfddfe3326bb9f15f27b859/anchor/libraries/hash.php#L15

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises <https://paragonie.com>

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

References:
- [FD] AnchorCMS - PHP Object Injection (CVE-2015-5687) and More
  - From: Scott Arciszewski

Prev by Date: [FD] Photo Transfer (2) v1.0 iOS - Denial of Service Vulnerability
Next by Date: [FD] KnowledgeTree OSS 3.0.3b Reflected XSS (Cross-site Scripting) Web Application 0-Day Security Bug
Previous by thread: [FD] AnchorCMS - PHP Object Injection (CVE-2015-5687) and More
Next by thread: [FD] CSRF/XSS vulnerability in Private Only could allow an attacker to do almost anything an admin user can (WordPress plugin)
Index(es):
- Date
- Thread