Vulnerabilities (CVE)

Filtered by vendor E-catchup Subscribe

Filtered by product Basercms

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-5641	1 E-catchup	1 Basercms	2015-10-06	6.5 MEDIUM	N/A
SQL injection vulnerability in baserCMS before 3.0.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2015-5640	1 E-catchup	1 Basercms	2015-10-06	6.5 MEDIUM	N/A
baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request.
CVE-2011-2674	1 E-catchup	1 Basercms	2012-05-22	4.9 MEDIUM	N/A
BaserCMS before 1.6.12 does not properly restrict additions to the membership of the operators group, which allows remote authenticated users to gain privileges via unspecified vectors.
CVE-2011-2673	1 E-catchup	1 Basercms	2011-11-08	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in BaserCMS before 1.6.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.