Ryan0Lb

**Name of the Vulnerable Software and Affected Versions** SOY CMS version 3.0.2 **Description** The issue allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. It is based on an assumption that the content is made editable on its own. **Recommendations** For SOY CMS version 3.0.2, consider removing or restricting the ability to input PHP code in the second text box as a temporary workaround until a patch is available.