Piwik unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized utilizes Piwik's classes to upload arbitrary files or execute arbitrary PHP code.

-</p>

Make your website safer. Use external penetration testing (http://www.beyondsecurity.com/penetration-testing.html) service. First report ready in one hour!</p>

**Hidden Content: Check the thread to see hidden data.**

Piwik unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized utilizes Piwik's classes to upload arbitrary files or execute arbitrary PHP code.

-</p>

Make your website safer. Use external penetration testing (http://www.beyondsecurity.com/penetration-testing.html) service. First report ready in one hour!</p>

**Hidden Content: Check the thread to see hidden data.**