DEBIAN-CVE-2018-1999022

PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...

CVE-2018-1999022

PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...

CVE-2018-1999022

PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...

CVE-2018-1999022

The CVE-2018-1999022 entry concerns PEAR HTML_QuickForm version 3.2.14, where an eval injection vulnerability exists in multiple methods (getSubmitValue, validate, hierselect _setOptions, element _findValue, element _prepareValue). The described exploit could lead to information disclosure, data ...

CVE-2018-1999022

PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...

Moodle 3.x Multiple Vulnerabilities (May 2018) - Linux

Moodle CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...

UBUNTU-CVE-2018-1133

An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...

CVE-2018-1133

An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...

Design/Logic Flaw

An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...

CVE-2018-1133

An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...

CVE-2018-1133

An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...

CVE-2018-1133

Moodle 3.x is affected by CVE-2018-1133 via the Calculated question type. A teacher can cause remote code execution on the server through eval injection. Root cause is input evaluated by the server (eval) when creating Calculated questions. Impact is remote code execution with high severity (CVE-...

CVE-2018-1133

An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection...

Google Forms < 0.94 - Eval Injection

The Google Forms WordPress plugin was affected by an Eval Injection security vulnerability...

CVE-2018-8756

Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=membercontent&a=init request...

CVE-2018-8756

Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=membercontent&a=init request...

CVE-2018-8756

Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=membercontent&a=init request...

CVE-2018-8756

YzmCMS v3.7.1 is affected by CVE-2018-8756 due to an eval injection in yzmphp/core/function/global.func.php. The vulnerability allows remote code execution via PHP code supplied in the POST data of the request index.php?m=member&c=member_content&a=init. The connected CNVD/CNVD-derived records cor...

CVE-2018-1000070

Bitmessage PyBitmessage version v0.6.2 and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0 contains a Eval injection vulnerability in main program, file src/messagetypes/init.py function constructObject that can result in Code Execution. This attack appears to be exploitabl...

Design/Logic Flaw

Bitmessage PyBitmessage version v0.6.2 and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0 contains a Eval injection vulnerability in main program, file src/messagetypes/init.py function constructObject that can result in Code Execution. This attack appears to be exploitabl...