Vulnerabilities > Basercms > Basercms > 1.6.13.1

DATE CVE VULNERABILITY TITLE RISK
2015-10-06 CVE-2015-5640 Permissions, Privileges, and Access Controls vulnerability in Basercms
baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request.
network
low complexity
basercms CWE-264
6.5
6.5
2012-05-15 CVE-2012-1248 Permissions, Privileges, and Access Controls vulnerability in Basercms
app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain.
network
high complexity
basercms CWE-264
5.1
5.1
2011-10-02 CVE-2011-2673 Cross-Site Scripting vulnerability in Basercms
Cross-site scripting (XSS) vulnerability in BaserCMS before 1.6.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
basercms CWE-79
4.3
4.3