Vulnerabilities > CVE-2018-1000059 - Deserialization of Untrusted Data vulnerability in Validformbuilder Validform Builder 4.5.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose file contents in file system.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |