Vulnerabilities > Basercms > Basercms > 1.6.13.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-10-06 | CVE-2015-5640 | Permissions, Privileges, and Access Controls vulnerability in Basercms baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request. | 6.5 |
2012-05-15 | CVE-2012-1248 | Permissions, Privileges, and Access Controls vulnerability in Basercms app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain. | 5.1 |
2011-10-02 | CVE-2011-2673 | Cross-Site Scripting vulnerability in Basercms Cross-site scripting (XSS) vulnerability in BaserCMS before 1.6.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |