Description
Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.
Remediation
References
Related Vulnerabilities
phpList Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-3188)
WordPress Plugin Booking calendar, Appointment Booking System Security Bypass (2.2.2)
WordPress Plugin Related Posts Cross-Site Request Forgery (2.7.1)
Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51485)