CVE-2018-0569 – baserproject/basercms

Package

Manager: composer
Name: baserproject/basercms
Vulnerable Version: >=4.0.0 <=4.1.0.1 || >=0 <=3.0.15

Severity

Level: High

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.01054 pctl0.76749

Details

OS Command Injection in baserCMS baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors.

Metadata

Created: 2022-05-14T03:06:07Z
Modified: 2023-10-06T16:48:31Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-6j3p-vrph-j7qq/GHSA-6j3p-vrph-j7qq.json
CWE IDs: ["CWE-78"]
Alternative ID: GHSA-6j3p-vrph-j7qq
Finding: F404
Auto approve: 1