Vulnerabilities > Baijiacms Project > Baijiacms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-15 | CVE-2021-33396 | Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 4.1.4 Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php. | 6.5 |
| 2021-10-29 | CVE-2020-25873 | Path Traversal vulnerability in Baijiacms Project Baijiacms 4 A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the "id" parameter. | 6.5 |
| 2018-09-08 | CVE-2018-16725 | Cross-site Scripting vulnerability in Baijiacms Project Baijiacms 4.0 An issue is discovered in baijiacms V4. | 6.1 |
| 2018-04-19 | CVE-2018-10219 | Information Exposure vulnerability in Baijiacms Project Baijiacms 3.0 baijiacms V3 has physical path leakage via an index.php?mod=mobile&name=member&do=index request. | 5.3 |