Shodan
Vulnerabilities
Vulnerable Software
Basercms:  Security Vulnerabilities
CVE-2016-4885
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-05-12
CVE-2016-4886
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-05-12
CVE-2016-4887
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Uploader version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-05-12
CVE-2015-7769
baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.
CVSS Score
6.3
EPSS Score
0.006
Published
2016-02-19
CVE-2015-5641
SQL injection vulnerability in baserCMS before 3.0.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.004
Published
2015-10-06
CVE-2015-5640
baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request.
CVSS Score
6.5
EPSS Score
0.004
Published
2015-10-06
CVE-2012-1248
app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain.
CVSS Score
5.1
EPSS Score
0.012
Published
2012-05-15
CVE-2011-2673
Cross-site scripting (XSS) vulnerability in BaserCMS before 1.6.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2011-10-02
CVE-2011-2674
BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.002
Published
2011-10-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved