4 matches found
CVE-2020-36655
creationtimestamp| type| source ---|---|--- 2025-01-13 21:43:22+00:00| seen| Telegram/GBOHs6WKnICLxlJKA-pzaQ8uHlO4zDgU2pZUu6fa5klvLKA2...
CVE-2020-36655
Yii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary code via the Generator.php messageCategory field. The attacker can embed arbitrary PHP code into the model file...
CVE-2020-36655
Yii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary code via the Generator.php messageCategory field. The attacker can embed arbitrary PHP code into the model file...
CVE-2020-36655
CVE-2020-36655 affects Yii2 Gii prior to 2.2.2. The issue lets remote attackers exploit Generator.php messageCategory to embed arbitrary PHP code into a model file, enabling remote code execution (network vector, no user interaction). Remediation: upgrade to Yii2 Gii 2.2.2 or later.