Unrated severityNVD Advisory· Published Mar 24, 2019· Updated Aug 4, 2024

CVE-2019-10015

Description

baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BG_SITE_NAME field in the opt_base.inc.php file.

Affected products

Baigostudio/Baigossoinferred
Range: = 3.0.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/baigoStudio/baigoSSO/issues/12mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000