Lucene search
K

4 matches found

Snyk
Snyk
added 2026/03/31 2:30 a.m.3 views

Command Injection

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Command Injection in the core update process. An attacker can execute arbitrary operating system commands on the server by supplying crafted input that is passed...

9.1CVSS6.2AI score0.02282EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/31 2:30 a.m.7 views

Command Injection

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Command Injection via the installer process. An attacker can execute arbitrary operating system commands by supplying crafted input during installation. Remediation...

9.8CVSS7.4AI score0.02059EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/31 2:30 a.m.6 views

Incorrect Authorization

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Incorrect Authorization via the mail submission API. An attacker can submit unauthorized mail form entries by sending requests to the public API endpoint, even when...

6.9CVSS5.8AI score0.00382EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/31 2:30 a.m.6 views

Arbitrary File Upload

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Arbitrary File Upload in the restore process. An attacker can execute arbitrary PHP code by uploading a crafted .zip archive containing a malicious PHP file, which i...

8.7CVSS6.2AI score0.00577EPSS
Exploits1References2
Rows per page
Query Builder