UNA CMS PHP Object Injection Vulnerability in BxBaseMenuSetAclLevel.php

Vulnerability

A PHP object injection vulnerability has been identified in UNA CMS versions 9.0.0-RC1 prior to 14.0.0-RC4. The issue arises in the BxBaseMenuSetAclLevel.php file, where the profile_id POST parameter is passed to the PHP unserialize() function without proper sanitization. This vulnerability allows remote, unauthenticated attackers to inject arbitrary PHP objects, which could be exploited to execute arbitrary PHP code on the server.
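As an added illustration (this is not UNA's code), the pattern the advisory describes, an untrusted POST value handed to unserialize(), shown beside hardened replacements; the function names and the handling of `profile_id` are assumptions for the example, not the project's implementation:

```php
<?php
// Added example, not UNA CMS code. Function names are hypothetical.

// The pattern the advisory describes: request data reaches unserialize()
// unchanged, so the sender of the request chooses which classes are
// instantiated and which magic methods (__wakeup, __destruct, ...) run.
function vulnerableProfileId(array $post)
{
    return unserialize($post['profile_id']);
}

// Hardened form 1: profile_id is an identifier, so never deserialize it.
// Accept only a positive integer and reject everything else.
function safeProfileId(array $post): ?int
{
    $id = filter_var($post['profile_id'] ?? null, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 1],
    ]);
    return $id === false ? null : $id;
}

// Hardened form 2: if a structured value must be accepted (for example a
// list of ids), use a data-only format such as JSON and re-validate each
// element instead of trusting PHP serialization.
function safeProfileIds(array $post): array
{
    $decoded = json_decode($post['profile_id'] ?? '', true);
    $ids = [];
    foreach (is_array($decoded) ? $decoded : [] as $value) {
        if (is_int($value) && $value > 0) {
            $ids[] = $value;
        }
    }
    return $ids;
}

// Hardened form 3: when PHP serialization cannot be removed, forbid object
// instantiation. With 'allowed_classes' => false (PHP >= 7.0) every object
// becomes __PHP_Incomplete_Class, so no application class's __wakeup or
// __destruct is invoked during unserialization.
function unserializeNoObjects(string $data)
{
    return unserialize($data, ['allowed_classes' => false]);
}
```

Form 1 is the appropriate fix for an id parameter; form 3 removes object instantiation but still parses attacker-controlled input, so it is a fallback, not a substitute for the upgrade.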

Impact

Exploitation of this vulnerability allows for PHP object injection, which can be used to execute arbitrary PHP code on the server.

Reproduction

To reproduce this vulnerability, send a POST request to the 'menu.php' endpoint with the 'profile_id' parameter containing a serialized object that, when unserialized, could be used to execute arbitrary PHP code. The 'level_id' parameter must also be included in the request.

Remediation

Users are advised to upgrade to UNA CMS version 14.0.0-RC5 or later.

Added: Dec 4, 2025, 9:22 PM
Updated: Dec 4, 2025, 9:22 PM

Vulnerability Rating

Custom Algorithm

  spread           1.0
  impact           7.5
  exploitability   9.7
  remediation      7.7
  relevance        1.3
  threat           6.4
  urgency          2.9
  incentive       10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.