Vulnerabilities > Baijiacms Project > Baijiacms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-20 | CVE-2022-45942 | OS Command Injection vulnerability in Baijiacms Project Baijiacms 4.0/4.1.4/41420170105 A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4. | 8.8 |
| 2022-09-20 | CVE-2022-38931 | Server-Side Request Forgery (SSRF) vulnerability in Baijiacms Project Baijiacms 4.1.4 A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter. | 8.8 |
| 2018-04-27 | CVE-2018-10503 | Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 41420170105 An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. | 8.8 |
| 2018-04-20 | CVE-2018-10249 | Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 3.0 baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account. | 8.8 |