Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Basercms
(Basercms)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 59 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-03-23 | CVE-2023-25655 | baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system of baserCMS. Version 4.7.5 contains a patch. | Basercms | 9.8 | ||
| 2023-10-27 | CVE-2023-29009 | baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favorites Feature to baserCMS. This issue has been patched in version 4.8.0. | Basercms | 6.1 | ||
| 2023-10-30 | CVE-2023-43647 | baserCMS is a website development framework. Prior to version 4.8.0, there is a cross-site scripting vulnerability in the file upload feature of baserCMS. Version 4.8.0 contains a patch for this issue. | Basercms | 5.4 | ||
| 2023-10-30 | CVE-2023-43648 | baserCMS is a website development framework. Prior to version 4.8.0, there is a Directory Traversal Vulnerability in the form submission data management feature of baserCMS. Version 4.8.0 contains a patch for this issue. | Basercms | 6.5 | ||
| 2023-10-30 | CVE-2023-43649 | baserCMS is a website development framework. Prior to version 4.8.0, there is a cross site request forgery vulnerability in the content preview feature of baserCMS. Version 4.8.0 contains a patch for this issue. | Basercms | 9.8 | ||
| 2023-10-30 | CVE-2023-43792 | baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available. | Basercms | 9.8 | ||
| 2024-10-24 | CVE-2024-46994 | baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue. | Basercms | 5.4 | ||
| 2024-10-24 | CVE-2024-46995 | baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue. | Basercms | 6.1 | ||
| 2024-10-24 | CVE-2024-46996 | baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue. | Basercms | 5.4 | ||
| 2024-10-24 | CVE-2024-46998 | baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue. | Basercms | 5.4 |