Baijiacms@4.1.4 Security Vulnerabilities and Issues — Baijiacms@4.1.4 CVE List

Lucene search

Baijiacms ProjectBaijiacms4.1.4

2 matches found

CVE•added 2023/02/15 10:15 p.m.•42 views

CVE-2021-33396

Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php.

6.5CVSS6.6AI score0.00103EPSS

CVE•added 2022/09/20 8:15 p.m.•39 views

CVE-2022-38931

A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter.

8.8CVSS8.8AI score0.01235EPSS