Baijiacms Security Vulnerabilities and Issues — Baijiacms CVE List

Lucene search

Baijiacms ProjectBaijiacms

3 matches found

CVE•added 2018/04/20 7:29 p.m.•34 views

CVE-2018-10249

baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account.

8.8CVSS8.6AI score0.00145EPSS

CVE•added 2018/04/27 4:29 p.m.•32 views

CVE-2018-10503

An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. CSRF allows adding an administrator account via op=edituser, changing the administrator password via op=changepwd, or deleting an account via op=deleteuser.

8.8CVSS8.7AI score0.00141EPSS

CVE•added 2018/04/19 8:29 a.m.•31 views

CVE-2018-10219

baijiacms V3 has physical path leakage via an index.php?mod=mobile&name=member&do=index request.

5.3CVSS5.2AI score0.00232EPSS