CyberSec.Space Logo
Back to CVE Browser

CVE-2017-2163

HIGH
7.5
CVSS Severity Score
EPSS Score0.0650%
EPSS Percentile42.54th
PublishedMay 12, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

Directory traversal vulnerability in SOY CMS Ver.1.8.1 to Ver.1.8.12 allows authenticated attackers to read arbitrary files via shop_id.

Affected Platforms (CPE)

πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.1
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.2
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.3
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.4
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.5
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.6
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.7
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.8
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.9
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.10
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.11
πŸ“¦
N I Agroinformatics

Soy Cms

= 1.8.12

References & Advisories

πŸ”— http://jvn.jp/en/jp/JVN51819749/index.html
πŸ”— http://jvn.jp/en/jp/JVN51819749/index.html

Related Vulnerabilities

CVE-2020-1518810.0

SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE). The allows remote attackers to execute a...

CVE-2020-151828.4

The SOY Inquiry component of SOY CMS is affected by Cross-site Request Forgery (CSRF) and Remote Code Execution (RCE). The vulnera...

CVE-2019-113767.2

SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendo...

CVE-2020-151896.8

SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) using Unrestricted File Upload. Cross-Site Scripting(XSS) vul...