Moderate severityNVD Advisory· Published Jun 26, 2018· Updated Aug 5, 2024

CVE-2018-0575

Description

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction in mail form to view a file which is uploaded by a site user via unspecified vectors.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
baserproject/basercmsPackagist	>= 4.0.0, <= 4.1.0.1	—
baserproject/basercmsPackagist	<= 3.0.15	—

Affected products

Basercms/Basercmsv5
Range: (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN67881316/index.htmlghsathird-party-advisoryx_refsource_JVNWEB
github.com/advisories/GHSA-w935-p7mg-xc96ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2018-0575ghsaADVISORY
basercms.net/security/JVN67881316ghsax_refsource_MISCWEB

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000