CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue...

7.1CVSS6.1AI score0.01064EPSS

Exploits0

Japan Vulnerability Notes•added 2024/10/25 6:7 a.m.•3 views

Multiple vulnerabilities in baserCMS

Overview baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability due to inappropriate Slug handling on Article Edit CWE-79 - CVE-2024-46996 Stored cross-site scripting vulnerability on Edit Email Form Settings CWE-79 ...

7.1CVSS5.9AI score0.01236EPSS

Exploits0References8

Japan Vulnerability Notes•added 2024/10/25 12:0 a.m.•11 views

JVN#00876083: Multiple vulnerabilities in baserCMS

baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability due to inappropriate Slug handling on Article Edit CWE-79 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score 5.4 CVE-2024-46996 Stored cross-site scripting...

7.1CVSS6.3AI score0.01236EPSS

Exploits0

Snyk•added 2024/10/24 7:41 p.m.•1 views

Cross-site Scripting (XSS)

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Edit Email Form Settings feature. An attacker can manipulate the web page content or hijack user sessions. Details Cross-site...

7.1CVSS5.3AI score0.01064EPSS

Exploits0References2

NVD•added 2024/10/24 7:15 p.m.•9 views

CVE-2024-46998

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue...

7.1CVSS0.01064EPSS

Exploits0References2

OSV•added 2024/10/24 6:52 p.m.•10 views

CVE-2024-46998 baserCMS has a Cross-site Scripting (XSS) Vulnerability in Edit Email Form Settings Feature

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue...

7.1CVSS5.8AI score0.01064EPSS

Exploits0References4

CVE•added 2024/10/24 6:52 p.m.•42 views

CVE-2024-46998

CVE-2024-46998 affects baserCMS with a cross-site scripting (XSS) vulnerability in the Edit Email Form Settings feature. Multiple connected sources confirm the issue resides in baserCMS and can permit script execution under certain conditions. The issue is addressed in newer baserCMS releases: up...

7.1CVSS5.7AI score0.01064EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/10/24 6:52 p.m.•13 views

CVE-2024-46998 baserCMS has a Cross-site Scripting (XSS) Vulnerability in Edit Email Form Settings Feature

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue...

7.1CVSS0.01064EPSS

Exploits0References2

Vulnrichment•added 2024/10/24 6:52 p.m.•14 views

CVE-2024-46998 baserCMS has a Cross-site Scripting (XSS) Vulnerability in Edit Email Form Settings Feature

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue...

7.1CVSS6.2AI score0.01064EPSS

Exploits0References2

Github Security Blog•added 2024/10/24 5:45 p.m.•11 views

baserCMS has a Cross-site Scripting (XSS) Vulnerability in Edit Email Form Settings Feature

XSS vulnerability in Edit Email Form Settings Feature to baserCMS. Target baserCMS 5.1.1 and earlier versions Vulnerability Malicious code may be executed in Edit Email Form Settings feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference...

7.1CVSS6.3AI score0.01064EPSS

Exploits0References5Affected Software1

OSV•added 2024/10/24 5:45 p.m.•9 views

GHSA-P3M2-MJ3J-J49X baserCMS has a Cross-site Scripting (XSS) Vulnerability in Edit Email Form Settings Feature

7.1CVSS6AI score0.01064EPSS

Exploits0References5

CNNVD•added 2024/10/24 12:0 a.m.•1 views

baserCMS 跨站脚本漏洞

baserCMS is an Enterprise Content Management System CMS from the baserCMS team. A cross-site scripting vulnerability exists in baserCMS versions prior to 5.1.2, which stems from a cross-site scripting vulnerability in the Edit Email Form Settings feature...

7.1CVSS5.9AI score0.01064EPSS

Exploits0References3

CNVD•added 2019/08/14 12:0 a.m.•1 views

Joomla! access control error vulnerability (CNVD-2020-12777)

Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. An access control error vulnerability exists in Joomla! An attacker can exploit the vulnerability to submit an incorrect form of email...

5.3CVSS6.8AI score0.00029EPSS

Exploits0References1

CNVD•added 2018/05/22 12:0 a.m.•1 views

BaserCMS Privilege Access Control Vulnerability

baserCMS is an enterprise-level content management system CMS. A privilege access control vulnerability exists in baserCMS versions 4.1.0.1 and earlier and 3.0.15 and earlier, which stems from the program failing to restrict access. The vulnerability can be exploited by a remote attacker to bypas...

5.3CVSS5.7AI score0.00169EPSS

Exploits0References1

0day.today•added 2018/04/12 12:0 a.m.•20 views

IMP XForm 2.0 DatalifeEngine SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: IMP XForm v2.0 DatalifeEngine Module SQL Injection Exploit Author: Hesam Bazvand Software Link: http://www.datalifeengine.ir/download/1396/IMP.XForm.v2.0.zip Tested on: Windows 10 / Kali Linux Category: WebApps Dork :...

0.2AI score

Exploits0

Prion•added 2017/07/24 1:29 p.m.•8 views

Cross site request forgery (csrf)

In SimpleRisk 20170614-001, a CSRF attack on reset.php aka the Send Password Reset Email form can insert XSS sequences via the user parameter...

4.3CVSS6AI score0.0024EPSS

Exploits1References2Affected Software1

Openbugbounty•added 2017/06/30 12:45 p.m.•8 views

inman.com XSS vulnerability

Open Bug Bounty ID: OBB-255321 Description| Value ---|--- Affected Website:| inman.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by