MidnightBSD

Advisories for stackpath

CVE-2021-29654 MEDIUM

AjaxSearchPro before 4.20.8 allows Deserialization of Untrusted Data (in the import database feature of the administration panel), leading to Remote Code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-502,

Products Affected

Vendor Product Version
stackpath ajaxsearchpro *