Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
basercms basercms vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2016-1170
Cross-site request forgery (CSRF) vulnerability in the Casebook plugin prior to 0.9.4 for baserCMS allows remote malicious users to hijack the authentication of administrators.
Hiniarata Casebook Plugin
4.3
CVSSv2
CVE-2016-1171
Cross-site scripting (XSS) vulnerability in the Recruit plugin prior to 0.9.3 for baserCMS allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Hiniarata Casebook Plugin
6.8
CVSSv2
CVE-2016-1172
Cross-site request forgery (CSRF) vulnerability in the Recruit plugin prior to 0.9.3 for baserCMS allows remote malicious users to hijack the authentication of administrators.
Hiniarata Casebook Plugin
4.3
CVSSv2
CVE-2016-1173
Cross-site scripting (XSS) vulnerability in the Menubook plugin prior to 0.9.3 for baserCMS allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Hiniarata Casebook Plugin
6.8
CVSSv2
CVE-2016-1174
Cross-site request forgery (CSRF) vulnerability in the Menubook plugin prior to 0.9.3 for baserCMS allows remote malicious users to hijack the authentication of administrators.
Hiniarata Casebook Plugin
6.5
CVSSv2
CVE-2015-7769
baserCMS 3.0.2 up to and including 3.0.8 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.
Basercms Basercms 3.0.5.1
Basercms Basercms 3.0.6.1
Basercms Basercms 3.0.2
Basercms Basercms 3.0.7
Basercms Basercms 3.0.6
Basercms Basercms 3.0.8
6.5
CVSSv2
CVE-2015-5640
baserCMS prior to 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request.
Basercms Basercms
6.5
CVSSv2
CVE-2015-5641
SQL injection vulnerability in baserCMS prior to 3.0.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Basercms Basercms
5.1
CVSSv2
CVE-2012-1248
app/config/core.php in baserCMS 1.6.15 and previous versions does not properly handle installations in shared-hosting environments, which allows remote malicious users to hijack sessions by leveraging administrative access to a different domain.
Basercms Basercms 1.5.6
Basercms Basercms 1.5.7
Basercms Basercms 1.5.4
Basercms Basercms 1.5.5
Basercms Basercms 1.5.8
Basercms Basercms 1.5.9
Basercms Basercms 1.6.0
Basercms Basercms 1.6.1
Basercms Basercms 1.6.2
Basercms Basercms 1.6.4
Basercms Basercms 1.6.5
Basercms Basercms 1.6.3
Basercms Basercms 1.6.6
Basercms Basercms 1.6.9
Basercms Basercms 1.6.7.1
Basercms Basercms 1.6.8
Basercms Basercms 1.6.7
Basercms Basercms 1.6.10
Basercms Basercms 1.6.11
Basercms Basercms 1.6.9.1
Basercms Basercms 1.6.11.1
Basercms Basercms 1.6.11.3
4.3
CVSSv2
CVE-2011-2673
Cross-site scripting (XSS) vulnerability in BaserCMS prior to 1.6.13.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Basercms Basercms 1.5.6
Basercms Basercms 1.5.7
Basercms Basercms 1.5.4
Basercms Basercms 1.5.5
Basercms Basercms 1.5.8
Basercms Basercms 1.5.9
Basercms Basercms 1.6.0
Basercms Basercms 1.6.1
Basercms Basercms 1.6.2
Basercms Basercms 1.6.4
Basercms Basercms 1.6.5
Basercms Basercms 1.6.3
Basercms Basercms 1.6.6
Basercms Basercms 1.6.9
Basercms Basercms 1.6.7.1
Basercms Basercms 1.6.8
Basercms Basercms 1.6.7
Basercms Basercms 1.6.10
Basercms Basercms 1.6.11
Basercms Basercms 1.6.9.1
Basercms Basercms 1.6.11.1
Basercms Basercms 1.6.11.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »