PT-2023-32730 · Phpems · Phpems

Glzjin · Published 2023-12-10 · Updated 2024-05-17 · CVE-2023-6654

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

PHPEMS versions 6.x through 9.0

Description

A critical vulnerability was found in the library lib/session.cls.php of the Session Data Handler component, affecting an unknown functionality. The manipulation leads to deserialization, and the attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations

For PHPEMS versions 6.x through 9.0, there is currently no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

Deserialization of Untrusted Data

Related Identifiers

CVE-2023-6654
GHSA-5RV2-VVMF-F7W8

Affected Products

Phpems