baserCMS 3.0.14 and previous versions, 4.0.5 and previous versions allows an malicious user to execute arbitrary PHP code on the server via unspecified vectors.
basercms basercms