Lucene search
K

752 matches found

Github Security Blog
Github Security Blog
added 2024/10/24 5:45 p.m.18 views

baserCMS has a Cross-site Scripting (XSS) Vulnerability in Edit Email Form Settings Feature

XSS vulnerability in Edit Email Form Settings Feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Edit Email Form Settings feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference...

7.1CVSS6.3AI score0.00328EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/10/24 5:45 p.m.9 views

GHSA-66JV-QRM3-VVFG baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature

XSS vulnerability in Blog posts feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more information...

6.3CVSS6AI score0.00303EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/10/24 5:45 p.m.16 views

baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature

XSS vulnerability in Blog posts feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more information...

6.3CVSS6.3AI score0.00303EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2024/10/24 5:44 p.m.15 views

baserCMS has a Cross-site Scripting (XSS) Vulnerability in HTTP 400 Bad Request

XSS vulnerability in HTTP 400 Bad Request to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in HTTP 400 Bad Request. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more information...

6.1CVSS6.3AI score0.00286EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/10/24 5:44 p.m.12 views

GHSA-MR7Q-FV7J-JCGV baserCMS has a Cross-site Scripting (XSS) Vulnerability in HTTP 400 Bad Request

XSS vulnerability in HTTP 400 Bad Request to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in HTTP 400 Bad Request. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more information...

6.1CVSS6.3AI score0.00286EPSS
Exploits0References5
OSV
OSV
added 2024/10/24 5:43 p.m.8 views

GHSA-WRJC-FMFQ-W3JR baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts and Contents list Feature

XSS vulnerability in Blog posts and Contents list Feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts and Contents list feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to...

5.4CVSS5.6AI score0.0028EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/10/24 5:43 p.m.15 views

baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts and Contents list Feature

XSS vulnerability in Blog posts and Contents list Feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Blog posts and Contents list feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to...

5.4CVSS6.3AI score0.0028EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/10/24 12:0 a.m.3 views

baserCMS 跨站脚本漏洞

baserCMS is an enterprise-level content management system CMS from the baserCMS team. A cross-site scripting vulnerability exists in baserCMS versions prior to 5.1.2, which stems from a cross-site scripting vulnerability in the blog post feature...

6.3CVSS5.9AI score0.00303EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/24 12:0 a.m.2 views

baserCMS 跨站脚本漏洞

baserCMS is an enterprise-level content management system CMS from the baserCMS team. A cross-site scripting vulnerability exists in baserCMS versions prior to 5.1.2, which stems from a cross-site scripting vulnerability in the blog post and content list functionality...

5.4CVSS5.9AI score0.0028EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/24 12:0 a.m.5 views

PT-2024-32328 · Basercms · Basercms

Name of the Vulnerable Software and Affected Versions: baserCMS versions prior to 5.1.2 Description: The issue is a cross-site scripting vulnerability in the Blog posts feature of baserCMS, a website development framework. This vulnerability allows malicious code to be executed in the Blog posts...

6.3CVSS6.5AI score0.00303EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/10/24 12:0 a.m.3 views

baserCMS 跨站脚本漏洞

baserCMS is an Enterprise Content Management System CMS from the baserCMS team. A cross-site scripting vulnerability exists in baserCMS versions prior to 5.1.2, which stems from a cross-site scripting vulnerability in the Edit Email Form Settings feature...

7.1CVSS5.9AI score0.00328EPSS
Exploits0References3
NVD
NVD
added 2024/10/11 6:15 p.m.8 views

CVE-2024-44807

A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition before 2.25.1 allows remote attackers to obtain sensitive information by exposing a list of the uploaded files...

5.3CVSS0.00516EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/10/11 12:0 a.m.16 views

CVE-2024-44807

A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition before 2.25.1 allows remote attackers to obtain sensitive information by exposing a list of the uploaded files...

0.00516EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/10/11 12:0 a.m.10 views

CVE-2024-44807

A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition before 2.25.1 allows remote attackers to obtain sensitive information by exposing a list of the uploaded files...

6.5AI score0.00516EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.3 views

PT-2024-31258 · D Zero Co. · Basercms +2

Name of the Vulnerable Software and Affected Versions: baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition versions prior to 2.25.1 Description: A directory listing issue allows remote attackers to obtain sensitive information by exposing a list of the uploaded files...

5.3CVSS6.9AI score0.00516EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/10/10 5:57 a.m.1 views

baserCMS plugin "BurgerEditor" vulnerable to directory listing

Overview baserCMS plugin "BurgerEditor" provided by D-ZERO CO.,LTD. contains a directory listing vulnerability CWE-548, CVE-2024-44807. If accessing a URL of the web site using the plugin that has a specific string added to the end, a list of uploaded files may be obtained. In addition, the...

5.3CVSS6.7AI score0.00516EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/10/10 12:0 a.m.13 views

JVN#54676967: baserCMS plugin "BurgerEditor" vulnerable to directory listing

baserCMS plugin "BurgerEditor" provided by D-ZERO CO.,LTD. contains a directory listing vulnerability CWE-548, CVE-2024-44807. If accessing a URL of the web site using the plugin that has a specific string added to the end, a list of uploaded files may be obtained. In addition, the uploaded file...

5.3CVSS6.9AI score0.00516EPSS
Exploits0
CNVD
CNVD
added 2024/03/14 12:0 a.m.4 views

BaserCMS Command Injection Vulnerability (CNVD-2024-13537)

baserCMS is an enterprise-level content management system CMS from the baserCMS team. A command injection vulnerability exists in versions of baserCMS prior to 5.0.9, which stems from a failure to properly filter constructed command special characters, commands, etc. in the site search function. ...

8.1CVSS7.1AI score0.01455EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/02/28 12:0 a.m.6 views

The vulnerability of the CMS system BaserCMS arises from the lack of measures taken to neutralize special elements used in the operating system’s command set, allowing attackers to execute arbitrary commands.

The vulnerability of the CMS system BaserCMS exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

5.6CVSS7AI score0.01455EPSS
Exploits0References4Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/02/27 5:25 a.m.1 views

Multiple vulnerabilities in baserCMS

Overview baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. Reflected cross-site scripting vulnerability in Site search Feature CWE-79 - CVE-2023-44379 Stored cross-site scripting vulnerability in Content Management CWE-79 - CVE-2024-26128 OS command...

8.1CVSS6.7AI score0.01455EPSS
Exploits0References7
Rows per page
Query Builder