Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:26752
HistorySep 16, 2020 - 1:39 a.m.

Remote Code Execution (RCE)

2020-09-1601:39:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16

0.027 Low

EPSS

Percentile

90.6%

JSON

yii2 is vulnerable to remote code execution (RCE). The attack is possible through the deserialization of untrusted user input to yii\db\BatchQueryResult.

CPENameOperatorVersion
yiisoft/yii2le2.0.37

Related

cvelist 1
githubexploit 1
osv 2
friendsofphp 1
nuclei 1
cve 1
prion 1
nvd 1
github 1
cvelist
cvelist
CVE-2020-15148 Unsafe deserialization in Yii 2
2020-09-15 18:25:12
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Yiiframework Yii
2020-09-21 03:55:55
osv
osv
CVE-2020-15148
2020-09-15 19:15:12
Unsafe deserialization in Yii 2
2020-09-15 18:19:56
friendsofphp
friendsofphp
Possible remote code execution via unserialize() on user input containing specially crafted string
2020-09-14 21:15:51
nuclei
nuclei
Yii 2 < 2.0.38 - Remote Code Execution
2021-03-29 20:47:04
cve
cve
CVE-2020-15148
2020-09-15 19:15:12
prion
prion
Remote code execution
2020-09-15 19:15:00
nvd
nvd
CVE-2020-15148
2020-09-15 19:15:12
github
github
Unsafe deserialization in Yii 2
2020-09-15 18:19:56

0.027 Low

EPSS

Percentile

90.6%

JSON
Related for VERACODE:26752
cvelist1githubexploit1osv2friendsofphp1nuclei1cve1prion1nvd1github1