Lucene search
K

752 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/31 12:45 a.m.3 views

CVE-2026-30878

baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...

5.3CVSS5.8AI score0.00382EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/03/31 12:45 a.m.9 views

CVE-2026-30878

CVE-2026-30878 affects baserCMS. Before 5.2.3, the public mail submission API allowed unauthenticated users to submit mail form entries even when the form was not accepting submissions, bypassing administrative controls and enabling spam via the API. This issue is patched in version 5.2.3 . The C...

5.3CVSS5.8AI score0.00382EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 12:45 a.m.3 views

CVE-2026-30878 baserCMS: Mail Form Acceptance Bypass via Public API

baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...

5.3CVSS5.8AI score0.00382EPSS
Exploits1References3
OSV
OSV
added 2026/03/31 12:45 a.m.6 views

CVE-2026-30878 baserCMS: Mail Form Acceptance Bypass via Public API

baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...

5.3CVSS5.8AI score0.00382EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/31 12:45 a.m.3 views

CVE-2026-30877

baserCMS is a website development framework. Prior to version 5.2.3, there is an OS command injection vulnerability in the update functionality. Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with the privileges o...

9.1CVSS6AI score0.01516EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/31 12:45 a.m.9 views

CVE-2026-30877

baserCMS (website development framework) has an OS command injection in the update functionality prior to v5.2.3. An authenticated administrator can run arbitrary OS commands on the server with the baserCMS process user privileges. The issue is fixed in version 5.2.3 per CVE-2026-30877 (NVD and C...

9.1CVSS6AI score0.01516EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 12:45 a.m.7 views

CVE-2026-30877 baserCMS: OS Command Injection in the baserCMS Update Functionality

baserCMS is a website development framework. Prior to version 5.2.3, there is an OS command injection vulnerability in the update functionality. Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with the privileges o...

9.1CVSS6AI score0.01516EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/31 12:45 a.m.23 views

CVE-2026-30877 baserCMS: OS Command Injection in the baserCMS Update Functionality

baserCMS is a website development framework. Prior to version 5.2.3, there is an OS command injection vulnerability in the update functionality. Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with the privileges o...

9.1CVSS0.01516EPSS
Exploits0References3
OSV
OSV
added 2026/03/31 12:45 a.m.4 views

CVE-2026-30877 baserCMS: OS Command Injection in the baserCMS Update Functionality

baserCMS is a website development framework. Prior to version 5.2.3, there is an OS command injection vulnerability in the update functionality. Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with the privileges o...

9.1CVSS6AI score0.01516EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/31 12:44 a.m.2 views

CVE-2026-30880

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has an OS command injection vulnerability in the installer. This issue has been patched in version 5.2.3...

9.2CVSS5.8AI score0.02059EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/31 12:44 a.m.25 views

CVE-2026-30880 baserCMS: OS command injection vulnerability in installer

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has an OS command injection vulnerability in the installer. This issue has been patched in version 5.2.3...

9.2CVSS0.02059EPSS
Exploits0References3
CVE
CVE
added 2026/03/31 12:44 a.m.14 views

CVE-2026-30880

The CVE-2026-30880 issue affects baserCMS prior to version 5.2.3, where an OS command injection vulnerability exists in the installer. The root cause is an inadequate input validation/command execution handling during installation, allowing an attacker who places baserCMS on a server (not yet ins...

9.8CVSS7AI score0.02059EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/31 12:44 a.m.3 views

CVE-2026-30880 baserCMS: OS command injection vulnerability in installer

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has an OS command injection vulnerability in the installer. This issue has been patched in version 5.2.3...

9.2CVSS7.1AI score0.02059EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/31 12:44 a.m.9 views

CVE-2026-30880 baserCMS: OS command injection vulnerability in installer

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has an OS command injection vulnerability in the installer. This issue has been patched in version 5.2.3...

9.2CVSS5.8AI score0.02059EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 12:44 a.m.3 views

CVE-2026-27697

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3...

6.9CVSS5.8AI score0.00412EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 12:44 a.m.1 views

CVE-2026-27697 baserCMS: SQL injection vulnerability in blog post

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3...

6.9CVSS5.8AI score0.00412EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/31 12:44 a.m.26 views

CVE-2026-27697 baserCMS: SQL injection vulnerability in blog post

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3...

6.9CVSS0.00412EPSS
Exploits0References3
OSV
OSV
added 2026/03/31 12:44 a.m.8 views

CVE-2026-27697 baserCMS: SQL injection vulnerability in blog post

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3...

6.9CVSS7.1AI score0.00412EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/31 12:43 a.m.3 views

CVE-2026-21861 baserCMS: OS Command Injection Leading to Remote Code Execution (RCE)

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command injection vulnerability in the core update functionality. An authenticated administrator can execute arbitrary OS commands on the server due to improper handling of user-controlled input that is...

9.1CVSS6.1AI score0.02282EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 12:43 a.m.2 views

CVE-2026-21861

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command injection vulnerability in the core update functionality. An authenticated administrator can execute arbitrary OS commands on the server due to improper handling of user-controlled input that is...

9.1CVSS6.1AI score0.02282EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder