Michael M Slusarz

1 exploit Active since Apr 2014
CVE-2014-1691 WRITEUP WRITEUP
Horde Application Framework < 5.1.1 - Remote Code Execution via Serialized Object in _formvars
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.