CVE-2019-10015

2019-03-24T22:29:00
ID CVE-2019-10015
Type cve
Reporter cve@mitre.org
Modified 2019-03-25T18:40:00

Description

baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BG_SITE_NAME field in the opt_base.inc.php file.