Lucene search
K

4 matches found

seebug.org
seebug.org
added 2017/02/08 12:0 a.m.26 views

PEAR HTML_AJAX <= 0.5.7 (PHP Serializer) PHP object injection vulnerability

Software Link: https://pear.php.net/package/HTMLAJAX Affected Versions: All versions from 0.3.0 to 0.5.7. Vulnerability Description: The vulnerable code is located within the HTMLAJAXSerializerPHP class defined into the /AJAX/Serializer/PHP.php script. Such a class uses the unserialize PHP functi...

7.5CVSS9.9AI score0.04826EPSS
Exploits2
0day.today
0day.today
added 2017/02/07 12:0 a.m.45 views

PEAR HTML_AJAX 0.5.7 (PHP Serializer) PHP Object Injection Vulnerability

Exploit for php platform in category web applications --------------------------------------------------------------------------- PEAR HTMLAJAX = 0.5.7 PHP Serializer PHP Object Injection Vulnerability --------------------------------------------------------------------------- - Software Link:...

7.5CVSS9.2AI score0.04826EPSS
Exploits2
NVD
NVD
added 2017/02/06 6:59 p.m.15 views

CVE-2017-5677

PEAR HTMLAJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression...

9.8CVSS9.9AI score0.04826EPSS
Exploits2References6
CVE
CVE
added 2017/02/06 6:0 p.m.57 views

CVE-2017-5677

Summary: CVE-2017-5677 affects PEAR HTML_AJAX versions 0.3.0–0.5.7. The vulnerability is a PHP Object Injection in the HTML_AJAX_Serializer_PHP class, which uses unserialize() on user-controlled input. The root cause is described as an incorrect regular expression used to extract class names, all...

9.8CVSS9.8AI score0.04826EPSS
Exploits2References6Affected Software1
Rows per page
Query Builder