Back to search
CVE-2019-11376
Published: Apr 20, 2019
Modified: Nov 15, 2024
PUBLISHED
Description
SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.iwantacve.cn/index.php/archives/212/
x_refsource_MISC
https://github.com/inunosinsi/soycms/issues/5
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now