Vulnerabilities > Basercms

DATE CVE VULNERABILITY TITLE RISK
2017-05-12 CVE-2016-4878 Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
low complexity
basercms CWE-352
8.8
2017-05-12 CVE-2016-4877 Cross-site Scripting vulnerability in Basercms and Mail
Cross-site scripting vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
basercms CWE-79
5.4
2017-05-12 CVE-2016-4876 Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators to execute arbitrary PHP code via unspecified vectors.
network
low complexity
basercms CWE-352
8.8
2016-02-19 CVE-2015-7769 OS Command Injection vulnerability in Basercms
baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.
network
low complexity
basercms CWE-78
6.3