CVE-2020-15188

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 18/09/2020 Updated: 29/09/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

SOY CMS 3.0.2.327 and previous versions is affected by Unauthenticated Remote Code Execution (RCE). The allows remote malicious users to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any restrictions. This was fixed in 3.0.2.328.

Vulnerable Product	Search on Vulmon	Subscribe to Product
brassica soy cms

CWE-502 https://www.youtube.com/watch?v=zAE4Swjc-GU&feature=youtu.be https://github.com/inunosinsi/soycms/issues/10 https://github.com/inunosinsi/soycms/pull/12/commits/a75642989132dd25f74a13194b27c0986c3de020 https://github.com/inunosinsi/soycms/security/advisories/GHSA-hrrx-m22r-p9jp https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-15188

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect