2 matches found
CVE-2017-1000148
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to PHP code execution as Mahara would pass portions of the XML through the PHP "unserialize" function when importing a skin from an XML file...
CVE-2017-1000148
Mahara is affected in 15.04 before 15.04.8, 15.10 before 15.10.4, and 16.04 before 16.04.2. The vulnerability arises when Mahara imports an XML skin, as portions of the XML are passed to PHP unserialize(), enabling PHP code execution. The issue is documented across multiple sources (e.g., NVD/CNV...