Lucene search
K

752 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/05/15 12:0 a.m.32 views

JVN#53465692: baserCMS vulnerable to session management

baserCMS is an open-source Contents Management System CMS. baserCMS contains a vulnerability in session management. Impact If a web server is hosting several websites, and baserCMS are installed on the respective websites, an administrator of a baserCMS can access baserCMS instance of the other...

5.1CVSS6.2AI score0.02699EPSS
Exploits0
NVD
NVD
added 2011/10/02 2:53 a.m.18 views

CVE-2011-2673

Cross-site scripting XSS vulnerability in BaserCMS before 1.6.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01549EPSS
Exploits0References3
NVD
NVD
added 2011/10/02 2:53 a.m.21 views

CVE-2011-2674

BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors...

4.9CVSS6.5AI score0.01344EPSS
Exploits0References3
Prion
Prion
added 2011/10/02 2:53 a.m.14 views

Design/Logic Flaw

BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors...

4.9CVSS7AI score0.01344EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2011/10/02 2:53 a.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in BaserCMS before 1.6.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01549EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2011/10/02 1:0 a.m.16 views

CVE-2011-2673

Cross-site scripting XSS vulnerability in BaserCMS before 1.6.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01549EPSS
Exploits0References3
CVE
CVE
added 2011/10/02 1:0 a.m.63 views

CVE-2011-2674

CVE-2011-2674 affects BaserCMS prior to 1.6.12. The issue is an access-control bug where adding a user to the default operators group does not properly restrict privileges, allowing remote authenticated users to escalate privileges. Affected versions include BaserCMS 1.6.11.4 and earlier. Root ca...

4.9CVSS6.6AI score0.01344EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2011/10/02 1:0 a.m.44 views

CVE-2011-2673

CVE-2011-2673 corresponds to a cross-site scripting (XSS) vulnerability in BaserCMS prior to 1.6.13.2. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected software is BaserCMS, with versions up to 1.6.13.1 explicitly mentioned; the vulnerabil...

4.3CVSS5.8AI score0.01549EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2011/10/02 1:0 a.m.27 views

CVE-2011-2674

BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors...

6.5AI score0.01344EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/09/30 9:45 a.m.4 views

BaserCMS vulnerable to access restriction

Overview BaserCMS contains a vulnerability in access restriction. BaserCMS is an open-source Contents Management System CMS. BaserCMS contains a vulnerability in access restriction where adding a user in the user group "operators" which is created by default when BaserCMS is installed. Masako Ohn...

4.9CVSS6.6AI score0.01344EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/09/30 12:0 a.m.31 views

JVN#16617002: BaserCMS vulnerable to access restriction

BaserCMS is an open-source Contents Management System CMS. BaserCMS contains a vulnerability in access restriction where adding a user in the user group "operators" which is created by default when BaserCMS is installed. Impact Users without administrative privileges may obtain administrative...

4.9CVSS6.2AI score0.01344EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/09/30 12:0 a.m.27 views

JVN#09789751: BaserCMS vulnerable to cross-site scripting

BaserCMS is an open-source Contents Management System CMS. BaserCMS contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer...

4.3CVSS6AI score0.01549EPSS
Exploits0
Rows per page
Query Builder