Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
basercms basercms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43649
baserCMS is a website development framework. Prior to version 4.8.0, there is a cross site request forgery vulnerability in the content preview feature of baserCMS. Version 4.8.0 contains a patch for this issue.
Basercms Basercms
2.1
CVSSv2
CVE-2020-15155
baserCMS 4.3.6 and previous versions is affected by Cross Site Scripting (XSS) via arbitrary script execution. Admin access is required to exploit this vulnerability. The affected components is toolbar.php. The issue is fixed in version 4.3.7.
Basercms Basercms
6.5
CVSSv2
CVE-2018-0569
baserCMS (baserCMS 4.1.0.1 and previous versions versions, baserCMS 3.0.15 and previous versions versions) allows remote authenticated malicious users to execute arbitrary OS commands via unspecified vectors.
Basercms Basercms
6.4
CVSSv2
CVE-2017-10843
baserCMS version 3.0.14 and previous versions, 4.0.5 and previous versions allows remote malicious users to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.
Basercms Basercms
2.1
CVSSv2
CVE-2020-15154
baserCMS 4.3.6 and previous versions is affected by Cross Site Scripting (XSS) via arbitrary script execution. Admin access is required to exploit this vulnerability. The affected components are: content_fields.php, content_info.php, content_options.php, content_related.php, inde...
Basercms Basercms
9
CVSSv2
CVE-2021-20682
baserCMS versions before 4.4.5 allows a remote attacker with an administrative privilege to execute arbitrary OS commands via unspecified vectors.
Basercms Basercms
3.5
CVSSv2
CVE-2021-20683
Improper neutralization of JavaScript input in the blog article editing function of baserCMS versions before 4.4.5 allows remote authenticated malicious users to inject an arbitrary script via unspecified vectors.
Basercms Basercms
3.5
CVSSv2
CVE-2021-20681
Improper neutralization of JavaScript input in the page editing function of baserCMS versions before 4.4.5 allows remote authenticated malicious users to inject an arbitrary script via unspecified vectors.
Basercms Basercms
6.5
CVSSv2
CVE-2018-18942
In baserCMS prior to 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote malicious users to execute arbitrary PHP code via the admin/theme_configs/form data[ThemeConfig][logo] parameter.
Basercms Basercms
NA
CVE-2023-43647
baserCMS is a website development framework. Prior to version 4.8.0, there is a cross-site scripting vulnerability in the file upload feature of baserCMS. Version 4.8.0 contains a patch for this issue.
Basercms Basercms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »