Unrated severityNVD Advisory· Published Jan 24, 2014· Updated Jun 16, 2026
CVE-2013-5350
CVE-2013-5350
Description
The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php in OpenPNE 3.6.13 before 3.6.13.1 and 3.8.9 before 3.8.9.1 does not properly validate login data in HTTP Cookie headers, which allows remote attackers to conduct PHP object injection attacks, and execute arbitrary PHP code, via a crafted serialized object.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
5- secunia.com/advisories/54043nvdVendor Advisory
- secunia.com/secunia_research/2014-1/nvdVendor Advisory
- www.openpne.jp/archives/12293/nvdVendor Advisory
- jvn.jp/en/jp/JVN69986880/index.htmlnvd
- jvndb.jvn.jp/jvndb/JVNDB-2014-000009nvd
News mentions
0No linked articles in our index yet.