Basercms

Basercms

59 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2023-43647

  • EPSS 0.57%
  • Veröffentlicht 30.10.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 08:24:32

baserCMS is a website development framework. Prior to version 4.8.0, there is a cross-site scripting vulnerability in the file upload feature of baserCMS. Version 4.8.0 contains a patch for this issue.

6.1

CVE-2023-29009

  • EPSS 0.55%
  • Veröffentlicht 27.10.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 07:56:23

baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favorites Feature to baserCMS. This issue has been patched in version 4.8.0.

9.8

CVE-2023-25655

  • EPSS 0.34%
  • Veröffentlicht 23.03.2023 20:15:15
  • Zuletzt bearbeitet 21.11.2024 07:49:52

baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system of baserCMS. Version 4.7.5 contains a patch.

9.8

CVE-2023-25654

  • EPSS 1.78%
  • Veröffentlicht 23.03.2023 20:15:14
  • Zuletzt bearbeitet 21.11.2024 07:49:52

baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution (RCE) Vulnerability in the management system of baserCMS. Version 4.7.5 contains a patch.

4.8

CVE-2022-42486

  • EPSS 0.14%
  • Veröffentlicht 07.12.2022 04:15:10
  • Zuletzt bearbeitet 23.04.2025 16:15:26

Stored cross-site scripting vulnerability in User group management of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.

4.8

CVE-2022-41994

  • EPSS 0.14%
  • Veröffentlicht 07.12.2022 04:15:10
  • Zuletzt bearbeitet 23.04.2025 15:15:51

Stored cross-site scripting vulnerability in Permission Settings of baserCMS versions prior to 4.7.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.

6.1

CVE-2022-39325

  • EPSS 0.69%
  • Veröffentlicht 25.11.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 07:18:02

BaserCMS is a content management system with a japanese language focus. In affected versions there is a cross-site scripting vulnerability on the management system of baserCMS. This is a vulnerability that needs to be addressed when the management sy...

9

CVE-2021-41279

  • EPSS 0.44%
  • Veröffentlicht 26.11.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 06:25:57

BaserCMS is an open source content management system with a focus on Japanese language support. In affected versions users with upload privilege may upload crafted zip files capable of path traversal on the host operating system. This is a vulnerabil...

9

CVE-2021-41243

  • EPSS 2.8%
  • Veröffentlicht 26.11.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 06:25:51

There is a Potential Zip Slip Vulnerability and OS Command Injection Vulnerability on the management system of baserCMS. Users with permissions to upload files may upload crafted zip files which may execute arbitrary commands on the host operating sy...

5.4

CVE-2021-39136

  • EPSS 0.54%
  • Veröffentlicht 25.08.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 06:18:39

baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is a cross-site scripting vulnerability in the file upload function of the management system of baserCMS. Users are advised to ...