Vulnerabilities > Baijiacms Project > Baijiacms > 4.1.4

DATE CVE VULNERABILITY TITLE RISK
2023-02-15 CVE-2021-33396 Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 4.1.4
Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php.
network
low complexity
baijiacms-project CWE-352
6.5
6.5
2022-12-20 CVE-2022-45942 OS Command Injection vulnerability in Baijiacms Project Baijiacms 4.0/4.1.4/41420170105
A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4.
network
low complexity
baijiacms-project CWE-78
8.8
8.8