PHP Object Injection Vulnerability in PEAR HTML_AJAX PHP Serializer
CVE-2017-5677 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression.
Learn more about our Web Application Penetration Testing UK.