SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any restrictions. This was fixed in 3.0.2.328.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2020-09-18T17:05:18
Updated: 2024-08-04T13:08:22.678Z
Reserved: 2020-06-25T00:00:00
Link: CVE-2020-15188
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-09-18T17:15:12.503
Modified: 2024-11-21T05:05:02.270
Link: CVE-2020-15188
Redhat
No data.