Posted by Egidio Romano on Jan 03
————————————————————–
qdPM <= 9.1 (executeExport) PHP Object Injection Vulnerability
————————————————————–
[-] Software Link:
[-] Affected Versions:
Version 9.1 and prior versions.
[-] Vulnerability Description:
The vulnerability is located in the
/core/apps/qdPM/modules/timeReport/actions/actions.class.php
script, specifically within the…
– Read More – Full Disclosure