GCVE - cpe:2.3:a:pear:html_ajax:0.3.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:pear:html_ajax:0.3.2:*:*:*:*:*:*:*

part: a version: 0.3.2 update: *

Vendor	Pear (`202938b0-7fb8-5241-8587-372df9c20f96`)
Product	Html Ajax (`599065af-1f87-5904-90d1-579772c6926e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/pear/html_ajax`	purl2cpe	2026-06-01 10:10:56.220331
`pkg:gitlab/liguros/pear-html-ajax`	purl2cpe	2026-06-01 10:10:56.220332

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-5677`	vulnerable	2026-06-08 05:09:47.861198	Details available PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression. Published: 2017-02-06T18:00:00.000Z Updated: 2024-08-05T15:11:47.784Z Open on db.gcve.eu Reference links http://karmainsecurity.com/KIS-2017-01 http://blog.pear.php.net/2017/02/02/security-html_ajax-058/ http://seclists.org/fulldisclosure/2017/Feb/12 http://www.securityfocus.com/bid/96044 https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f5acb5adcd195f9a06b732794cb0de7620def646	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.