Vulnerabilities > Baijiacms Project > Baijiacms > 4.1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-15 | CVE-2021-33396 | Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 4.1.4 Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php. | 6.5 |
| 2022-12-20 | CVE-2022-45942 | OS Command Injection vulnerability in Baijiacms Project Baijiacms 4.0/4.1.4/41420170105 A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4. | 8.8 |
| 2022-09-20 | CVE-2022-38931 | Server-Side Request Forgery (SSRF) vulnerability in Baijiacms Project Baijiacms 4.1.4 A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter. | 8.8 |