Export limit exceeded: 343831 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (68 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4880 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
| Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2016-4881 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
| Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2016-4882 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
| Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2016-4883 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
| Cross-site scripting vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2016-4884 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
| Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2016-4885 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
| Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2016-4887 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
| Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Uploader version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2017-10842 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
| SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-5640 | 1 Basercms | 1 Basercms | 2025-04-12 | N/A |
| baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request. | ||||
| CVE-2015-5641 | 1 Basercms | 1 Basercms | 2025-04-12 | N/A |
| SQL injection vulnerability in baserCMS before 3.0.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-7769 | 1 Basercms | 1 Basercms | 2025-04-12 | N/A |
| baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors. | ||||
| CVE-2011-2673 | 1 Basercms | 1 Basercms | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in BaserCMS before 1.6.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-2674 | 1 Basercms | 1 Basercms | 2025-04-11 | N/A |
| BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors. | ||||
| CVE-2012-1248 | 1 Basercms | 1 Basercms | 2025-04-11 | N/A |
| app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain. | ||||
| CVE-2023-25654 | 1 Basercms | 1 Basercms | 2025-02-25 | 9.8 Critical |
| baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution (RCE) Vulnerability in the management system of baserCMS. Version 4.7.5 contains a patch. | ||||
| CVE-2023-25655 | 1 Basercms | 1 Basercms | 2025-02-25 | 9.8 Critical |
| baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system of baserCMS. Version 4.7.5 contains a patch. | ||||
| CVE-2024-26128 | 1 Basercms | 1 Basercms | 2024-12-20 | 5.4 Medium |
| baserCMS is a website development framework. Prior to version 5.0.9, there is a cross-site scripting vulnerability in the content management feature. Version 5.0.9 contains a fix for this vulnerability. | ||||
| CVE-2023-51450 | 1 Basercms | 1 Basercms | 2024-12-18 | 5.6 Medium |
| baserCMS is a website development framework. Prior to version 5.0.9, there is an OS Command Injection vulnerability in the site search feature of baserCMS. Version 5.0.9 contains a fix for this vulnerability. | ||||
| CVE-2023-43792 | 1 Basercms | 1 Basercms | 2024-11-21 | 9.8 Critical |
| baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available. | ||||
| CVE-2023-43649 | 1 Basercms | 1 Basercms | 2024-11-21 | 4.7 Medium |
| baserCMS is a website development framework. Prior to version 4.8.0, there is a cross site request forgery vulnerability in the content preview feature of baserCMS. Version 4.8.0 contains a patch for this issue. | ||||