CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Baijiacms Project: >> Baijiacms >> 4.1.4 Security Vulnerabilities

CVE-2021-33396

Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php.

CVSS Score

6.5

EPSS Score

0.001

Published

2023-02-15

CVE-2022-45942

A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4.

CVSS Score

8.8

EPSS Score

0.272

Published

2022-12-20

CVE-2022-38931

A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter.

CVSS Score

8.8

EPSS Score

0.012

Published

2022-09-20

Page 1

Vulnerabilities

Vulnerable Software

Baijiacms Project: >> Baijiacms >> 4.1.4 Security Vulnerabilities

Products

Pricing

Contact Us