{"id":"CVE-2017-1000148","details":"Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to PHP code execution as Mahara would pass portions of the XML through the PHP \"unserialize()\" function when importing a skin from an XML file.","modified":"2026-07-08T05:49:07.364989060Z","published":"2017-11-03T18:29:00.840Z","database_specific":{},"references":[{"type":"FIX","url":"https://bugs.launchpad.net/mahara/+bug/1508684"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/maharaproject/mahara","events":[{"introduced":"48a238a2f76a7ea322580fe93b7c026becd9acce"},{"last_affected":"1c2f89f8ee9dd8dba44594e8d50a4d47380eec9e"}],"database_specific":{"extracted_events":[{"introduced":"15.04-rc1"},{"last_affected":"15.04-rc1"},{"introduced":"15.04-rc2"},{"last_affected":"15.04-rc2"},{"introduced":"15.04.0"},{"last_affected":"15.04.0"},{"introduced":"15.04.1"},{"last_affected":"15.04.1"},{"introduced":"15.04.2"},{"last_affected":"15.04.2"},{"introduced":"15.04.3"},{"last_affected":"15.04.3"},{"introduced":"15.04.4"},{"last_affected":"15.04.4"},{"introduced":"15.04.5"},{"last_affected":"15.04.5"},{"introduced":"15.04.6"},{"last_affected":"15.04.6"},{"introduced":"15.04.7"},{"last_affected":"15.04.7"},{"introduced":"16.04-rc1"},{"last_affected":"16.04-rc1"},{"introduced":"16.04-rc2"},{"last_affected":"16.04-rc2"},{"introduced":"16.04.0"},{"last_affected":"16.04.0"},{"introduced":"16.04.1"},{"last_affected":"16.04.1"},{"introduced":"15.10.0"},{"last_affected":"15.10.0"},{"introduced":"15.10.1"},{"last_affected":"15.10.1"},{"introduced":"15.10.2"},{"last_affected":"15.10.2"},{"introduced":"15.10.3"},{"last_affected":"15.10.3"}],"cpe":["cpe:2.3:a:mahara:mahara:15.04:rc1:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.04:rc2:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.04.0:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.04.1:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.04.2:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.04.3:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.04.4:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.04.5:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.04.6:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.04.7:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:16.04:rc1:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:16.04:rc2:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:16.04.0:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:16.04.1:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.10.0:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.10.1:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.10.2:*:*:*:*:*:*:*","cpe:2.3:a:mahara:mahara:15.10.3:*:*:*:*:*:*:*"],"source":"CPE_STRING"}}],"versions":["15.04-rc1","15.04-rc2","15.04.0","15.04.1","15.04.2","15.04.3","15.04.4","15.04.5","15.04.6","15.04.7","15.10.0","15.10.1","15.10.2","15.10.3","16.04-rc1","16.04-rc2","16.04.0","16.04.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000148.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}