Moderate severityNVD Advisory· Published Jun 26, 2018· Updated Aug 5, 2024

CVE-2018-0573

Description

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction for a content to view a file which is uploaded by a site user via unspecified vectors.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
baserproject/basercmsPackagist	< 3.0.16	3.0.16
baserproject/basercmsPackagist	>= 4.0.0, < 4.1.1	4.1.1

Affected products

Basercms/Basercmsv5
Range: (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN67881316/index.htmlghsathird-party-advisoryx_refsource_JVNWEB
github.com/advisories/GHSA-33fq-qm4m-cjw3ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2018-0573ghsaADVISORY
basercms.net/security/JVN67881316ghsax_refsource_MISCWEB

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000