CVE-2022-26607
- EPSS 2.72%
- Veröffentlicht 06.04.2022 21:15:07
- Zuletzt bearbeitet 21.11.2024 06:54:11
A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow attackers to execute arbitrary code via uploading a crafted PHP file.
CVE-2020-20584
- EPSS 0.49%
- Veröffentlicht 08.07.2021 16:15:08
- Zuletzt bearbeitet 21.11.2024 05:12:08
A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/.
CVE-2019-9226
- EPSS 0.32%
- Veröffentlicht 28.02.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:51:15
An issue was discovered in baigo CMS 2.1.1. There is a persistent XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the opt[base][BG_SITE_NAME] parameter to the bg_console/index.php?m=opt&c=request URI.
CVE-2019-9227
- EPSS 3.11%
- Veröffentlicht 28.02.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:51:15
An issue was discovered in baigo CMS 2.1.1. There is a vulnerability that allows remote attackers to execute arbitrary code. A BG_SITE_NAME parameter with malicious code can be written into the opt_base.inc.php file.
CVE-2018-16458
- EPSS 0.12%
- Veröffentlicht 04.09.2018 11:29:00
- Zuletzt bearbeitet 21.11.2024 03:52:47
An issue was discovered in baigo CMS v2.1.1. There is an index.php?m=article&c=request CSRF that can cause publication of any article.