Vulnerabilities > Pear > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-06 | CVE-2017-5677 | PHP Object Injection vulnerability in PEAR HTML_AJAX PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. | 7.5 |
| 2009-11-29 | CVE-2009-4023 | Code Injection vulnerability in Pear 1.1.14 Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111. | 7.5 |
| 2006-02-23 | CVE-2006-0868 | SQL Injection vulnerability in PEAR::Auth Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers." | 7.5 |