{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T15:13:39.592","vulnerabilities":[{"cve":{"id":"CVE-2020-15188","sourceIdentifier":"security-advisories@github.com","published":"2020-09-18T17:15:12.503","lastModified":"2024-11-21T05:05:02.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute any arbitrary code when the inquiry form feature is enabled by the service. The vulnerability is caused by unserializing the form without any restrictions. This was fixed in 3.0.2.328."},{"lang":"es","value":"SOY CMS versiones 3.0.2.327 y anteriores, están afectadas por una Ejecución de Código Remota (RCE) No Autenticado.&#xa0;El permite a atacantes remotos ejecutar cualquier código arbitrario cuando la funcionalidad inquiry form es habilitada por el servicio.&#xa0;La vulnerabilidad es causada por la deserialización del formulario sin restricciones.&#xa0;Esto se corrigió en versión 3.0.2.328"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:brassica:soy_cms:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.2.328","matchCriteriaId":"DE978394-A82D-43E0-AE72-36ABB7FBB3F9"}]}]}],"references":[{"url":"https://github.com/inunosinsi/soycms/issues/10","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/inunosinsi/soycms/pull/12/commits/a75642989132dd25f74a13194b27c0986c3de020","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/inunosinsi/soycms/security/advisories/GHSA-hrrx-m22r-p9jp","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.youtube.com/watch?v=zAE4Swjc-GU&feature=youtu.be","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/inunosinsi/soycms/issues/10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/inunosinsi/soycms/pull/12/commits/a75642989132dd25f74a13194b27c0986c3de020","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/inunosinsi/soycms/security/advisories/GHSA-hrrx-m22r-p9jp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.youtube.com/watch?v=zAE4Swjc-GU&feature=youtu.be","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}