CVE-2022-47083EPSS p96.8%

CVE-2022-47083CVE-2022-47083

spitfire_project / spitfire

Description

A PHP Object Injection vulnerability in the unserialize() function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application.

Scoring

CVSS 8.8 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS18.23% probability of exploitation · percentile 96.8% · 2026-06-19T12:03:05Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.