Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
basercms basercms vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2022-42486
Stored cross-site scripting vulnerability in User group management of baserCMS versions before 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
Basercms Basercms
4.8
CVSSv3
CVE-2018-18943
An issue exists in baserCMS prior to 4.1.4. In the Register New Category feature of the Upload menu, the category name can be used for XSS via the data[UploaderCategory][name] parameter to an admin/uploader/uploader_categories/edit URI.
Basercms Basercms
4.3
CVSSv3
CVE-2018-0571
baserCMS (baserCMS 4.1.0.1 and previous versions versions, baserCMS 3.0.15 and previous versions versions) allows remote attackers with a site operator privilege to upload arbitrary files.
Basercms Basercms
NA
CVE-2024-26128
baserCMS is a website development framework. Prior to version 5.0.9, there is a cross-site scripting vulnerability in the content management feature. Version 5.0.9 contains a fix for this vulnerability.
NA
CVE-2023-44379
baserCMS is a website development framework. Prior to version 5.0.9, there is a cross-site scripting vulnerability in the site search feature. Version 5.0.9 contains a fix for this vulnerability.
NA
CVE-2023-51450
baserCMS is a website development framework. Prior to version 5.0.9, there is an OS Command Injection vulnerability in the site search feature of baserCMS. Version 5.0.9 contains a fix for this vulnerability.
NA
CVE-2015-5640
baserCMS prior to 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request.
Basercms Basercms
NA
CVE-2015-5641
SQL injection vulnerability in baserCMS prior to 3.0.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Basercms Basercms
NA
CVE-2012-1248
app/config/core.php in baserCMS 1.6.15 and previous versions does not properly handle installations in shared-hosting environments, which allows remote malicious users to hijack sessions by leveraging administrative access to a different domain.
Basercms Basercms 1.6.14
Basercms Basercms 1.6.13
Basercms Basercms 1.6.12
Basercms Basercms 1.6.2
Basercms Basercms 1.6.3
Basercms Basercms 1.5.4
Basercms Basercms 1.5.5
Basercms Basercms 1.6.9
Basercms Basercms 1.6.11
Basercms Basercms 1.6.6
Basercms Basercms 1.6.7
Basercms Basercms 1.5.8
Basercms Basercms 1.5.9
Basercms Basercms 1.6.11.2
Basercms Basercms 1.6.11.1
Basercms Basercms 1.6.7.1
Basercms Basercms 1.6.8
Basercms Basercms 1.6.0
Basercms Basercms 1.6.1
Basercms Basercms 1.6.13.6
Basercms Basercms 1.6.13.1
Basercms Basercms 1.6.10
NA
CVE-2011-2673
Cross-site scripting (XSS) vulnerability in BaserCMS prior to 1.6.13.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Basercms Basercms 1.6.4
Basercms Basercms 1.6.2
Basercms Basercms 1.5.7
Basercms Basercms 1.5.5
Basercms Basercms 1.6.9.1
Basercms Basercms 1.6.11
Basercms Basercms 1.6.0
Basercms Basercms 1.6.1
Basercms Basercms 1.5.8
Basercms Basercms 1.5.9
Basercms Basercms 1.5.6
Basercms Basercms 1.6.10
Basercms Basercms
Basercms Basercms 1.6.7.1
Basercms Basercms 1.6.8
Basercms Basercms 1.6.6
Basercms Basercms 1.6.7
Basercms Basercms 1.6.12
Basercms Basercms 1.6.11.2
Basercms Basercms 1.6.11.1
Basercms Basercms 1.6.11.4
Basercms Basercms 1.6.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »