Vulnerability Details CVE-2011-2674
BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 68.1%
CVSS Severity
CVSS v2 Score 4.9
Products affected by CVE-2011-2674
-
cpe:2.3:a:basercms:basercms:-
-
cpe:2.3:a:basercms:basercms:1.5.4
-
cpe:2.3:a:basercms:basercms:1.5.5
-
cpe:2.3:a:basercms:basercms:1.5.6
-
cpe:2.3:a:basercms:basercms:1.5.7
-
cpe:2.3:a:basercms:basercms:1.5.8
-
cpe:2.3:a:basercms:basercms:1.5.9
-
cpe:2.3:a:basercms:basercms:1.6.0
-
cpe:2.3:a:basercms:basercms:1.6.1
-
cpe:2.3:a:basercms:basercms:1.6.10
-
cpe:2.3:a:basercms:basercms:1.6.11
-
cpe:2.3:a:basercms:basercms:1.6.11.1
-
cpe:2.3:a:basercms:basercms:1.6.11.2
-
cpe:2.3:a:basercms:basercms:1.6.11.3
-
cpe:2.3:a:basercms:basercms:1.6.11.4
-
cpe:2.3:a:basercms:basercms:1.6.2
-
cpe:2.3:a:basercms:basercms:1.6.3
-
cpe:2.3:a:basercms:basercms:1.6.4
-
cpe:2.3:a:basercms:basercms:1.6.5
-
cpe:2.3:a:basercms:basercms:1.6.6
-
cpe:2.3:a:basercms:basercms:1.6.7
-
cpe:2.3:a:basercms:basercms:1.6.7.1
-
cpe:2.3:a:basercms:basercms:1.6.8
-
cpe:2.3:a:basercms:basercms:1.6.9
-
cpe:2.3:a:basercms:basercms:1.6.9.1