Baijiacms Project: >> Baijiacms >> 4.0 Security Vulnerabilities
A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4.
CVSS Score
8.8
EPSS Score
0.272
Published
2022-12-20
An issue was discovered in baijiacms V4 that can result in time-based blind SQL injection to get data via the cate parameter in an index.php?act=index request.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-02-07
An issue is discovered in baijiacms V4. Blind SQL Injection exists via the order parameter in an index.php?act=index request.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-09-08
An issue is discovered in baijiacms V4. XSS exists via the assets/weengine/components/zclip/ZeroClipboard.swf id parameter, aka "Non-standard use of the flash component."
CVSS Score
6.1
EPSS Score
0.002
Published
2018-09-08