VYPR
← All advisories
Unrated severityNVD Advisory· Published May 15, 2012· Updated Apr 29, 2026

CVE-2012-1248

CVE-2012-1248

Description

app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain.

Affected products

30
  • Basercms/Basercms30 versions
    cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*+ 29 more
    • cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*range: <=1.6.15
    • cpe:2.3:a:basercms:basercms:1.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.5.8:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.5.9:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.10:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.11:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.11.2:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.11.3:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.11.4:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.12:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.13:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.13.1:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.13.6:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.14:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.9:*:*:*:*:*:*:*
    • cpe:2.3:a:basercms:basercms:1.6.9.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.