Baijiacms Security Vulnerabilities and Issues — Baijiacms CVE List

Lucene search

Baijiacms ProjectBaijiacms

4 matches found

CVE•added 2022/12/20 2:15 p.m.•52 views

CVE-2022-45942

A Remote Code Execution (RCE) vulnerability was found in includes/baijiacms/common.inc.php in baijiacms v4.

8.8CVSS8.9AI score0.27159EPSS

CVE•added 2022/09/20 8:15 p.m.•39 views

CVE-2022-38931

A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter.

8.8CVSS8.8AI score0.01235EPSS

CVE•added 2018/04/20 7:29 p.m.•33 views

CVE-2018-10249

baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account.

8.8CVSS8.6AI score0.00145EPSS

CVE•added 2018/04/27 4:29 p.m.•30 views

CVE-2018-10503

An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. CSRF allows adding an administrator account via op=edituser, changing the administrator password via op=changepwd, or deleting an account via op=deleteuser.

8.8CVSS8.7AI score0.00141EPSS