Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2020-15148
HistorySep 15, 2020 - 7:15 p.m.

Remote code execution

2020-09-1519:15:00
PRIOn knowledge base
www.prio-n.com
16

9.6 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.6%

JSON

Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls unserialize() on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisory.

CPENameOperatorVersion
yiilt2.0.38

Related

cvelist 1
githubexploit 1
osv 2
nuclei 1
cve 1
nvd 1
github 1
veracode 1
friendsofphp 1
cvelist
cvelist
CVE-2020-15148 Unsafe deserialization in Yii 2
2020-09-15 18:25:12
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Yiiframework Yii
2020-09-21 03:55:55
osv
osv
Unsafe deserialization in Yii 2
2020-09-15 18:19:56
CVE-2020-15148
2020-09-15 19:15:12
nuclei
nuclei
Yii 2 < 2.0.38 - Remote Code Execution
2021-03-29 20:47:04
cve
cve
CVE-2020-15148
2020-09-15 19:15:12
nvd
nvd
CVE-2020-15148
2020-09-15 19:15:12
github
github
Unsafe deserialization in Yii 2
2020-09-15 18:19:56
veracode
veracode
Remote Code Execution (RCE)
2020-09-16 01:39:51
friendsofphp
friendsofphp
Possible remote code execution via unserialize() on user input containing specially crafted string
2020-09-14 21:15:51

9.6 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.6%

JSON
Related for PRION:CVE-2020-15148
cvelist1githubexploit1osv2nuclei1cve1nvd1github1veracode1friendsofphp1