CVE-2018-0575
- EPSS 1.18%
- Veröffentlicht 26.06.2018 14:29:01
- Zuletzt bearbeitet 21.11.2024 03:38:30
baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction in mail form to view a file which is uploaded by a site user via unspecified vectors.
CVE-2018-0574
- EPSS 0.84%
- Veröffentlicht 26.06.2018 14:29:01
- Zuletzt bearbeitet 21.11.2024 03:38:30
Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0573
- EPSS 1.12%
- Veröffentlicht 26.06.2018 14:29:01
- Zuletzt bearbeitet 21.11.2024 03:38:30
baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction for a content to view a file which is uploaded by a site user via unspecified vectors.
CVE-2018-0571
- EPSS 1.13%
- Veröffentlicht 26.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:30
baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers with a site operator privilege to upload arbitrary files.
CVE-2018-0569
- EPSS 1.5%
- Veröffentlicht 26.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:29
baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0570
- EPSS 0.68%
- Veröffentlicht 26.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:30
Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0572
- EPSS 1.63%
- Veröffentlicht 26.06.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:30
baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to bypass access restriction to view or alter a restricted content via unspecified vectors.
CVE-2017-10844
- EPSS 1.47%
- Veröffentlicht 29.08.2017 01:35:13
- Zuletzt bearbeitet 13.05.2026 00:24:29
baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to execute arbitrary PHP code on the server via unspecified vectors.
CVE-2017-10843
- EPSS 1.42%
- Veröffentlicht 29.08.2017 01:35:13
- Zuletzt bearbeitet 13.05.2026 00:24:29
baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.
CVE-2017-10842
- EPSS 1.77%
- Veröffentlicht 29.08.2017 01:35:13
- Zuletzt bearbeitet 13.05.2026 00:24:29
SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.