{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T06:34:22.808","vulnerabilities":[{"cve":{"id":"CVE-2018-1000059","sourceIdentifier":"cve@mitre.org","published":"2018-02-09T23:29:02.167","lastModified":"2024-11-21T03:39:33.097","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose file contents in file system."},{"lang":"es","value":"ValidFormBuilder 4.5.4 contiene una vulnerabilidad de inyección de objetos PHP en el método de deserialización Valid Form que puede resultar en la posibilidad de ejecución de comandos del sistema sin autorización de forma remota y la revelación del contenido de archivos en el sistema de archivos."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:validformbuilder:validform_builder:4.5.4:*:*:*:*:*:*:*","matchCriteriaId":"0E026F6E-35F8-472A-89E0-23979B828921"}]}]}],"references":[{"url":"https://github.com/validformbuilder/validformbuilder/issues/126","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/validformbuilder/validformbuilder/issues/126","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]}]}}]}