In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Deserialization of Untrusted Data vulnerabilities in an interactive lesson.
Start learningUpgrade ezsystems/ezpublish-legacy
to version 5.3.12.6, 5.4.12.3, 2017.12.4.3, 2018.6.1.4, 2018.9.1.3 or higher.
ezsystems/ezpublish-legacy is a professional PHP application framework with advanced CMS functionality.
Affected versions of this package are vulnerable to Deserialization of Untrusted Data. PHAR archives may be crafted such that its stream wrapper will execute them without being specifically asked to. With such files, any PHP file operation may cause deserialization and execution.