High severity7.2NVD Advisory· Published Apr 20, 2019· Updated Jun 17, 2026
CVE-2019-11376
CVE-2019-11376
Description
SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <3.0.2
Patches
Vulnerability mechanics
References
2- www.iwantacve.cn/index.php/archives/212/nvdExploitThird Party Advisory
- github.com/inunosinsi/soycms/issues/5nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.