PT-2019-19450 · Baigo · Baigo Cms

Published: 2019-02-28 · Updated: 2019-02-28 · CVE-2019-9227

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

baigo CMS version 2.1.1

Description

A remote code execution issue was discovered, allowing attackers to execute arbitrary code. This can be achieved by writing malicious code into the opt_base.inc.php file using the BG_SITE_NAME parameter.

Recommendations

For baigo CMS version 2.1.1, consider restricting access to the opt_base.inc.php file to prevent modification, and avoid using the BG_SITE_NAME parameter until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2019-9227

Affected Products

Baigo Cms