CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition before 2.25.1 allows remote attackers to obtain sensitive information by exposing a list of the uploaded files...

5.3CVSS6.5AI score0.00733EPSS

Exploits0References1

NVD•added 2024/10/11 6:15 p.m.•7 views

CVE-2024-44807

5.3CVSS0.00733EPSS

Exploits0References6

Positive Technologies•added 2024/10/11 12:0 a.m.•2 views

PT-2024-31258 · D Zero Co. · Basercms +2

Name of the Vulnerable Software and Affected Versions: baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition versions prior to 2.25.1 Description: A directory listing issue allows remote attackers to obtain sensitive information by exposing a list of the uploaded files...

5.3CVSS6.9AI score0.00733EPSS

Exploits0References9

Cvelist•added 2024/10/11 12:0 a.m.•14 views

CVE-2024-44807

0.00733EPSS

Exploits0References6

Prion•added 2017/05/12 6:29 p.m.•9 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

6.8CVSS7.6AI score0.00117EPSS

Exploits0References3Affected Software1

NVD•added 2017/05/12 6:29 p.m.•9 views

CVE-2016-4881

Cross-site request forgery CSRF vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS8.8AI score0.00118EPSS

Exploits0References3

OSV•added 2017/05/12 6:29 p.m.•16 views

CVE-2016-4885

Cross-site request forgery CSRF vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS7.4AI score

Exploits0References3

NVD•added 2017/05/12 6:29 p.m.•8 views

CVE-2016-4887

Cross-site request forgery CSRF vulnerability in baserCMS plugin Uploader version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS8.9AI score0.00117EPSS

Exploits0References3

OSV•added 2017/05/12 6:29 p.m.•10 views

CVE-2016-4881

Cross-site request forgery CSRF vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS7.4AI score

Exploits0References3

OSV•added 2017/05/12 6:29 p.m.•12 views

CVE-2016-4886

Cross-site request forgery CSRF vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS7.4AI score

Exploits0References3

Prion•added 2017/05/12 6:29 p.m.•19 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

6.8CVSS7.6AI score0.00117EPSS

Exploits0References3Affected Software1

OSV•added 2017/05/12 6:29 p.m.•11 views

CVE-2016-4884

Cross-site request forgery CSRF vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.8CVSS7.4AI score

Exploits0References3

Cvelist•added 2017/05/12 6:0 p.m.•13 views

CVE-2016-4881

Cross-site request forgery CSRF vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.9AI score0.00118EPSS

Exploits0References3

CVE•added 2017/05/12 6:0 p.m.•38 views

CVE-2016-4887

CVE-2016-4887 is a CSRF vulnerability affecting baserCMS and its Uploader plugin. Restated details from multiple sources show that when the Uploader plugin is enabled and an administrative user visits a malicious URL, the attacker could cause unintended administrative operations (e.g., file delet...

8.8CVSS8.8AI score0.00117EPSS

Exploits0References3Affected Software1

Cvelist•added 2017/05/12 6:0 p.m.•12 views

CVE-2016-4885

Cross-site request forgery CSRF vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.9AI score0.00117EPSS

Exploits0References3

Cvelist•added 2017/05/12 6:0 p.m.•14 views

CVE-2016-4879

Cross-site request forgery CSRF vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...

8.9AI score0.00121EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by