5 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-1999022
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method,...
MGASA-2019-0049 Updated php-pear-HTML_QuickForm package fixes security vulnerability
A vulnerability in the HTMLQuickForm package has been found which potentially allows remote code execution...
UBUNTU-CVE-2018-1999022
PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...
DEBIAN-CVE-2018-1999022
PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...
Revive Adserver HTML_Quickform Library Security Bypass Vulnerability
Revive Adserver is an open source ad management system. Revive Adserver HTMLQuickform library has a security vulnerability that allows remote attackers can use empty tokens to bypass the CSRF protection mechanism...