Lucene search
K

29 matches found

Cvelist
Cvelist
added 2022/04/15 6:3 p.m.22 views

CVE-2022-27158

pearweb 1.32 suffers from Deserialization of Untrusted Data...

9.6AI score0.01238EPSS
Exploits0References1
OSV
OSV
added 2022/04/15 6:3 p.m.20 views

CVE-2022-27158

pearweb 1.32 suffers from Deserialization of Untrusted Data...

9.8CVSS6.8AI score0.01238EPSS
Exploits0References3
CVE
CVE
added 2022/04/15 6:3 p.m.62 views

CVE-2022-27158

The CVE-2022-27158 entry affects pearweb prior to 1.32, with the root cause being Deserialization of Untrusted Data. According to sources, this vulnerability impacts confidentiality, integrity, and availability (high impact) and is exploitable over the network with low complexity and no authentic...

9.8CVSS9.3AI score0.01238EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/15 6:0 p.m.22 views

CVE-2022-27157

pearweb 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php...

9.6AI score0.01153EPSS
Exploits0References1
OSV
OSV
added 2022/04/15 6:0 p.m.13 views

CVE-2022-27157

pearweb 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php...

9.8CVSS6.8AI score0.01153EPSS
Exploits0References3
CVE
CVE
added 2022/04/15 6:0 p.m.69 views

CVE-2022-27157

Pearweb

9.8CVSS9.3AI score0.01153EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/04/15 12:0 a.m.4 views

pearweb 代码问题漏洞

pearweb is a PHP extension and application repository. A security vulnerability exists in pearweb before 1.32, which stems from deserialization of untrusted data...

9.8CVSS8.4AI score0.01238EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/04/15 12:0 a.m.3 views

pearweb 授权问题漏洞

pearweb is a PHP extension and application repository. pearweb has a security vulnerability that stems from a weak password recovery mechanism in include/users/passwordmanage.php, and no details of the vulnerability are currently available...

9.8CVSS5.5AI score0.01153EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/04/06 12:0 a.m.5 views

The vulnerability lies in the implementation of the `mt_rand()` and `time()` functions in the pearweb package’s PHP classes from the PEAR library. This allows an attacker to gain unauthorized access to protected information or execute arbitrary code.

The vulnerability in the implementation of the mtrand and time functions in the pearweb package’s PHP class library in the PEAR library is related to the use of an insufficiently secure MD5 encryption algorithm. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

7.8CVSS5.8AI score
Exploits0References6Affected Software1
Rows per page
Query Builder