Deserialization of Untrusted Data
phpMussel has an deserialization vulnerability in the phar wrapper. Uploading a specially crafted file to an affected version allows arbitrary code execution.
Advisories for Composer/Phpmussel/Phpmussel package
2020
phpMussel has an deserialization vulnerability in the phar wrapper. Uploading a specially crafted file to an affected version allows arbitrary code execution.