{"id":"CVE-2018-1999022","details":"PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's _setOptions method, HTML_QuickForm_element's _findValue method, and HTML_QuickForm_element's _prepareValue method that can result in possible information disclosure, possible impact on data integrity, and execution of arbitrary code. This attack appears to be exploitable via a specially crafted query string, e.g. http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//&mode=live. This vulnerability appears to have been fixed in 3.2.15.","modified":"2026-04-16T04:40:58.663484906Z","published":"2018-07-23T16:29:00.227Z","references":[{"type":"ADVISORY","url":"http://blog.pear.php.net/2018/07/19/security-vulnerability-announcement-html_quickform/"},{"type":"ADVISORY","url":"https://civicrm.org/advisory/civi-sa-2018-07-remote-code-execution-in-quickform"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/civicrm/civicrm-core","events":[{"introduced":"0"},{"last_affected":"52d4ce5bdaed5d25903d47226afb56ece2769c88"},{"introduced":"0"},{"last_affected":"9ce0633cb2265abde8a7d7c649568ec7763ab4c2"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.6.37"},{"introduced":"0"},{"last_affected":"5.3.0"}]}}],"versions":["4.3.beta2","4.3.beta3","4.3.beta4","4.3.beta5","4.4.alpha1","4.4.alpha2","4.4.alpha3","4.4.beta1","4.4.beta2","4.4.beta3","4.4.beta4","4.5.alpha1","4.5.alpha2","4.5.beta1","4.5.beta2","4.5.beta3","4.5.beta4","4.5.beta5","4.5.beta6","4.5.beta7","4.5.beta8","4.6.0","4.6.1","4.6.10","4.6.11","4.6.12","4.6.13","4.6.14","4.6.15","4.6.16","4.6.17","4.6.18","4.6.19","4.6.2","4.6.20","4.6.21","4.6.22","4.6.23","4.6.24","4.6.25","4.6.26","4.6.27","4.6.28","4.6.29","4.6.3","4.6.30","4.6.31","4.6.32","4.6.33","4.6.34","4.6.35","4.6.36","4.6.37","4.6.4","4.6.5","4.6.6",
"4.6.7","4.6.8","4.6.9","4.6.alpha1","4.6.alpha2","4.6.alpha3","4.6.alpha4","4.6.alpha5","4.6.alpha6","4.6.alpha7","4.6.beta1","4.6.beta2","4.6.beta3","4.6.beta4","4.6.beta5","4.7.0","4.7.1","4.7.10-pre1","4.7.2","4.7.3","4.7.4","4.7.5","4.7.6","4.7.alpha1","4.7.alpha2","4.7.alpha3","4.7.alpha4","4.7.alpha5","4.7.beta1","4.7.beta2","4.7.beta3","4.7.beta4","4.7.beta5","4.7.beta6","4.7.beta7","4.7.beta8","5.3.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"3.2.14"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1999022.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}