Description
plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors.
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-2911 Vulnerability (CVE-2019-2911)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3365)
WordPress Plugin InfiniteWP Client Security Bypass (1.3.7)
WordPress Plugin Evarisk 'uploadPhotoApres.php' Arbitrary File Upload (5.1.5.4)
WordPress Plugin The Welcomizer 'twiz-index.php' Cross-Site Scripting (1.3.9.4)