CyberSec.Space Logo
Back to CVE Browser

CVE-2017-10842

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile23.09th
PublishedAug 29, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected Platforms (CPE)

πŸ“¦
Basercms

Basercms

>= 3.0.0 and <= 3.0.14
πŸ“¦
Basercms

Basercms

>= 4.0.0 and <= 4.0.5

References & Advisories

πŸ”— http://jvn.jp/en/jp/JVN78151490/index.html
πŸ”— https://basercms.net/security/JVN78151490
πŸ”— http://jvn.jp/en/jp/JVN78151490/index.html
πŸ”— https://basercms.net/security/JVN78151490

Related Vulnerabilities

CVE-2021-412439.1

There is a Potential Zip Slip Vulnerability and OS Command Injection Vulnerability on the management system of baserCMS. Users wit...

CVE-2016-11708.8

Cross-site request forgery (CSRF) vulnerability in the Casebook plugin before 0.9.4 for baserCMS allows remote attackers to hijack...

CVE-2016-11728.8

Cross-site request forgery (CSRF) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack ...

CVE-2016-11748.8

Cross-site request forgery (CSRF) vulnerability in the Menubook plugin before 0.9.3 for baserCMS allows remote attackers to hijack...