CVE-2013-7034

The setCookieValue function in _lib/functions.global.inc.php in LiveZilla before 5.1.2.1 allows remote attackers to execute arbitrary PHP code via a serialized PHP object in a cookie.

Date published : 2014-05-05

http://www.securityfocus.com/bid/64383

http://archives.neohapsis.com/archives/bugtraq/2013-12/0078.html