CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

RedhatCVE•added 2026/04/01 5:0 a.m.•2 views

CVE-2026-21861

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command injection vulnerability in the core update functionality. An authenticated administrator can execute arbitrary OS commands on the server due to improper handling of user-controlled input that is...

9.1CVSS6AI score0.00131EPSS

Exploits1References1

Cvelist•added 2026/03/31 12:46 a.m.•20 views

CVE-2026-32734 baserCMS: Multiple vulnerabilities in baserCMS

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has DOM-based cross-site scripting in tag creation. This issue has been patched in version 5.2.3...

7.1CVSS0.00012EPSS

Exploits0References3

OSV•added 2026/03/31 12:45 a.m.•2 views

CVE-2026-30877 baserCMS: OS Command Injection in the baserCMS Update Functionality

baserCMS is a website development framework. Prior to version 5.2.3, there is an OS command injection vulnerability in the update functionality. Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with the privileges o...

9.1CVSS6AI score0.00063EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 9:30 a.m.•6 views

CVE-2023-43649

baserCMS is a website development framework. Prior to version 4.8.0, there is a cross site request forgery vulnerability in the content preview feature of baserCMS. Version 4.8.0 contains a patch for this issue...

9.8CVSS6.5AI score0.00118EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:1 a.m.•4 views

CVE-2023-25655

baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system of baserCMS. Version 4.7.5 contains a patch...

9.8CVSS6.7AI score0.00561EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:54 a.m.•6 views

CVE-2021-41279

BaserCMS is an open source content management system with a focus on Japanese language support. In affected versions users with upload privilege may upload crafted zip files capable of path traversal on the host operating system. This is a vulnerability that needs to be addressed when the...

9CVSS6.8AI score0.00438EPSS

Exploits0References1