VYPR
Unrated severityNVD Advisory· Published Feb 9, 2024· Updated May 8, 2025

PHPEMS index.api.php index deserialization

CVE-2024-1353

Description

A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. Affected by this issue is the function index of the file app/weixin/controller/index.api.php. The manipulation of the argument picurl leads to deserialization. The exploit has been disclosed to the public and may be used. VDB-253226 is the identifier assigned to this vulnerability.

Affected products

2
  • Phpems/Phpemsllm-fuzzy2 versions
    <=1.0+ 1 more
    • (no CPE)range: <=1.0
    • (no CPE)range: 1.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.