Lucene search
PRIOn knowledge basePRION:CVE-2019-16885HistoryDec 03, 2019 - 8:15 p.m.
Remote code execution
2019-12-0320:15:00
PRIOn knowledge base
www.prio-n.com
9
In OkayCMS through 2.3.4, an unauthenticated attacker can achieve remote code execution by injecting a malicious PHP object via a crafted cookie. This could happen at two places: first in view/ProductsView.php using the cookie price_filter, and second in api/Comparison.php via the cookie comparison.
Related
zdt
zdt
OkayCMS 2.3.4 Remote Code Execution Exploit #RCE
2019-12-08 00:00:00
symantec
symantec
OkayCMS CVE-2019-16885 Multiple Remote Code Execution Vulnerabilities
2019-09-29 00:00:00
osv
osv
CVE-2019-16885
2019-12-03 20:15:11
cvelist
cvelist
CVE-2019-16885
2019-12-03 19:50:21
nvd
nvd
CVE-2019-16885
2019-12-03 20:15:11
packetstorm
packetstorm
OkayCMS 2.3.4 Remote Code Execution
2019-12-06 00:00:00
cve
cve
CVE-2019-16885
2019-12-03 20:15:11