Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
basercms basercms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-41994
Stored cross-site scripting vulnerability in Permission Settings of baserCMS versions before 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
Basercms Basercms
6.5
CVSSv2
CVE-2018-18942
In baserCMS prior to 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote malicious users to execute arbitrary PHP code via the admin/theme_configs/form data[ThemeConfig][logo] parameter.
Basercms Basercms
6.8
CVSSv2
CVE-2016-4878
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and previous versions allows remote malicious users to hijack the authentication of administrators via unspecified vectors.
Basercms Basercms 3.0.10
6.8
CVSSv2
CVE-2016-4881
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and previous versions allows remote malicious users to hijack the authentication of administrators via unspecified vectors.
Basercms Basercms 3.0.10
3.5
CVSSv2
CVE-2016-4883
Cross-site scripting vulnerability in baserCMS version 3.0.10 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Basercms Basercms 3.0.10
6.8
CVSSv2
CVE-2016-4884
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and previous versions allows remote malicious users to hijack the authentication of administrators via unspecified vectors.
Basercms Basercms 3.0.10
6.8
CVSSv2
CVE-2016-4886
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and previous versions allows remote malicious users to hijack the authentication of administrators via unspecified vectors.
Basercms Basercms 3.0.10
6.8
CVSSv2
CVE-2016-4876
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and previous versions allows remote malicious users to hijack the authentication of administrators to execute arbitrary PHP code via unspecified vectors.
Basercms Basercms 3.0.10
3.5
CVSSv2
CVE-2016-4880
Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and previous versions allows remote authenticated malicious users to inject arbitrary web script or HTML via unspecified vectors.
Basercms Basercms 3.0.10
6.8
CVSSv2
CVE-2016-4882
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and previous versions allows remote malicious users to hijack the authentication of administrators via unspecified vectors.
Basercms Basercms 3.0.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »