4 matches found
PT-2022-10329 · Baijiacms · Baijiacms
Name of the Vulnerable Software and Affected Versions: baijiacms version 4 Description: An issue was discovered that allows modification of store information and login password due to a CSRF vulnerability. Recommendations: For baijiacms version 4, update to a version that includes a fix for this...
CVE-2019-7568
An issue was discovered in baijiacms V4 that can result in time-based blind SQL injection to get data via the cate parameter in an index.php?act=index request...
CVE-2018-16724
An issue is discovered in baijiacms V4. Blind SQL Injection exists via the order parameter in an index.php?act=index request...
CVE-2018-10503
An issue was discovered in index.php in baijiacms V4 v41420170105. CSRF allows adding an administrator account via op=edituser, changing the administrator password via op=changepwd, or deleting an account via op=deleteuser...