Moderate severityNVD Advisory· Published Jun 26, 2018· Updated Aug 5, 2024

CVE-2018-0571

Description

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers with a site operator privilege to upload arbitrary files.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
baserproject/basercmsPackagist	>= 4.0.0, < 4.1.1	4.1.1
baserproject/basercmsPackagist	< 3.0.16	3.0.16

Affected products

Basercms/Basercmsv5
Range: (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN67881316/index.htmlghsathird-party-advisoryx_refsource_JVNWEB
github.com/advisories/GHSA-3mcp-6rv6-c69gghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2018-0571ghsaADVISORY
basercms.net/security/JVN67881316ghsax_refsource_MISCWEB

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000