CVE-2014-1691
EPSS 81.3%horde3 - Remote code execution
發布日:2014/4/1修改日:2026/4/28
描述
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.
受影響套件(2)
- Debian/horde3from 0, < 3.3.8+debian0-3
- Debian/php-horde-utilfrom 0, < 2.3.0-1