3 matches found
CVE-2019-10015
baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BGSITENAME field in the optbase.inc.php file...
CVE-2019-10015
baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BGSITENAME field in the optbase.inc.php file...
CVE-2019-10015
CVE-2019-10015 affects baigoStudio baigoSSO v3.0.1. The vulnerability allows remote attackers to execute arbitrary PHP code by supplying payload in the first form field of the configuration screen, where the code is written to BG_SITE_NAME in opt_base.inc.php. This results in remote code executio...