Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
basercms basercms vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2018-18943
An issue exists in baserCMS prior to 4.1.4. In the Register New Category feature of the Upload menu, the category name can be used for XSS via the data[UploaderCategory][name] parameter to an admin/uploader/uploader_categories/edit URI.
Basercms Basercms
312
VMScore
CVE-2021-20681
Improper neutralization of JavaScript input in the page editing function of baserCMS versions before 4.4.5 allows remote authenticated malicious users to inject an arbitrary script via unspecified vectors.
Basercms Basercms
801
VMScore
CVE-2021-20682
baserCMS versions before 4.4.5 allows a remote attacker with an administrative privilege to execute arbitrary OS commands via unspecified vectors.
Basercms Basercms
312
VMScore
CVE-2021-20683
Improper neutralization of JavaScript input in the blog article editing function of baserCMS versions before 4.4.5 allows remote authenticated malicious users to inject an arbitrary script via unspecified vectors.
Basercms Basercms
356
VMScore
CVE-2018-0571
baserCMS (baserCMS 4.1.0.1 and previous versions versions, baserCMS 3.0.15 and previous versions versions) allows remote attackers with a site operator privilege to upload arbitrary files.
Basercms Basercms
445
VMScore
CVE-2018-0573
baserCMS (baserCMS 4.1.0.1 and previous versions versions, baserCMS 3.0.15 and previous versions versions) allows remote malicious users to bypass access restriction for a content to view a file which is uploaded by a site user via unspecified vectors.
Basercms Basercms
NA
CVE-2023-29009
baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favorites Feature to baserCMS. This issue has been patched in version 4.8.0.
Basercms Basercms
NA
CVE-2023-25654
baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution (RCE) Vulnerability in the management system of baserCMS. Version 4.7.5 contains a patch.
Basercms Basercms
NA
CVE-2023-25655
baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system of baserCMS. Version 4.7.5 contains a patch.
Basercms Basercms
801
VMScore
CVE-2021-41279
BaserCMS is an open source content management system with a focus on Japanese language support. In affected versions users with upload privilege may upload crafted zip files capable of path traversal on the host operating system. This is a vulnerability that needs to be addressed...
Basercms Basercms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »