CyberSec.Space Logo
Back to CVE Browser

CVE-2017-10844

HIGH
8.8
CVSS Severity Score
EPSS Score0.0500%
EPSS Percentile30.28th
PublishedAug 29, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to execute arbitrary PHP code on the server via unspecified vectors.

Affected Platforms (CPE)

πŸ“¦
Basercms

Basercms

>= 3.0.0 and <= 3.0.14
πŸ“¦
Basercms

Basercms

>= 4.0.0 and <= 4.0.5

References & Advisories

πŸ”— http://jvn.jp/en/jp/JVN78151490/index.html
πŸ”— https://basercms.net/security/JVN78151490
πŸ”— http://jvn.jp/en/jp/JVN78151490/index.html
πŸ”— https://basercms.net/security/JVN78151490

Related Vulnerabilities

CVE-2017-108429.8

SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL...

CVE-2021-412439.1

There is a Potential Zip Slip Vulnerability and OS Command Injection Vulnerability on the management system of baserCMS. Users wit...

CVE-2018-05698.8

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to ex...

CVE-2016-11728.8

Cross-site request forgery (CSRF) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack ...