Okay Cms

okay-cms

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Okaycms

okaycms

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-16885 1Okay Cms 1Okaycms Nov 21, 2024 Dec 3, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In OkayCMS through 2.3.4, an unauthenticated attacker can achieve remote code execution by injecting a malicious PHP object via a crafted cookie. This could happen at two places: first in view/ProductsView.php using the...Show more In OkayCMS through 2.3.4, an unauthenticated attacker can achieve remote code execution by injecting a malicious PHP object via a crafted cookie. This could happen at two places: first in view/ProductsView.php using the cookie price_filter, and second in api/Comparison.php via the cookie comparison.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2019-16885

1Okay Cms

1Okaycms

Nov 21, 2024

Dec 3, 2019

N/A· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

In OkayCMS through 2.3.4, an unauthenticated attacker can achieve remote code execution by injecting a malicious PHP object via a crafted cookie. This could happen at two places: first in view/ProductsView.php using the...Show more