CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-10842

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile23.09th
Published2017年8月29日
Last Modified2026年5月13日

Vulnerability Description

SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected Platforms (CPE)

📦
Basercms

Basercms

>= 3.0.0 and <= 3.0.14
📦
Basercms

Basercms

>= 4.0.0 and <= 4.0.5

References & Advisories

🔗 http://jvn.jp/en/jp/JVN78151490/index.html
🔗 https://basercms.net/security/JVN78151490
🔗 http://jvn.jp/en/jp/JVN78151490/index.html
🔗 https://basercms.net/security/JVN78151490

相关漏洞威胁

CVE-2021-412439.1

There is a Potential Zip Slip Vulnerability and OS Command Injection Vulnerability on the management system of baserCMS. Users wit...

CVE-2016-11708.8

Cross-site request forgery (CSRF) vulnerability in the Casebook plugin before 0.9.4 for baserCMS allows remote attackers to hijack...

CVE-2016-11728.8

Cross-site request forgery (CSRF) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack ...

CVE-2016-11748.8

Cross-site request forgery (CSRF) vulnerability in the Menubook plugin before 0.9.3 for baserCMS allows remote attackers to hijack...