CVE-2018-1000059

ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose file contents in file system.

Link	Resource
https://github.com/validformbuilder/validformbuilder/issues/126	Issue Tracking Third Party Advisory

Configuration 1

cpe:2.3:a:validformbuilder:validform_builder:4.5.4:*:*:*:*:*:*:*

---

Published : 2018-02-09 11:29

Updated : 2020-08-24 05:37

---

NVD link : CVE-2018-1000059

Mitre link : CVE-2018-1000059

No products.

CWE-502

Deserialization of Untrusted Data