14 matches found
EUVD-2018-10716
Malware in sbrugna...
EUVD-2015-7288
Malware in sbrugna...
Mageia: Security Advisory (MGASA-2019-0049)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated php-pear-HTML_QuickForm package fixes security vulnerability
A vulnerability in the HTMLQuickForm package has been found which potentially allows remote code execution...
CVE-2018-1999022
PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...
Design/Logic Flaw
PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...
CVE-2018-1999022
PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...
CVE-2018-1999022
PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...
CVE-2018-1999022
PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...
CVE-2018-1999022
The CVE-2018-1999022 entry concerns PEAR HTML_QuickForm version 3.2.14, where an eval injection vulnerability exists in multiple methods (getSubmitValue, validate, hierselect _setOptions, element _findValue, element _prepareValue). The described exploit could lead to information disclosure, data ...
CVE-2018-1999022
PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, HTMLQuickFormelement's prepareValue method. that can...
CVE-2015-7364
The HTMLQuickform library, as used in Revive Adserver before 3.2.2, allows remote attackers to bypass the CSRF protection mechanism via an empty token...
CVE-2015-7364
The HTMLQuickform library, as used in Revive Adserver before 3.2.2, allows remote attackers to bypass the CSRF protection mechanism via an empty token...
CVE-2015-7364
CVE-2015-7364 affects Revive Adserver up to and including version 3.2.1, where the HTML_Quickform library allows bypassing CSRF protection by sending an empty token in POST data. This enables potential unauthorized actions such as modifying banners, zones, and settings. The entry is mitigated by ...