Known Vulnerabilities for products from Basercms
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Basercms".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32734 | baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has DOM-based cross-site scripting in tag creat... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2026-30940 | baserCMS is a website development framework. Prior to version 5.2.3, a path traversal vulnerability exists in the theme file ... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2026-30880 | Not Provided | 2026-03-31 | 2026-03-31 | |
| CVE-2026-30879 | baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a cross-site scripting vulnerability in blo... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2026-30878 | baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated user... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2026-30877 | Not Provided | 2026-03-31 | 2026-03-31 | |
| CVE-2026-27697 | baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2026-21861 | baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command injection vulnerability ... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2025-32957 | baserCMS is a website development framework. Prior to version 5.2.3, the application's restore function allows users to uploa... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2021-41279 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2021-11-26 | 2021-11-30 |
| CVE-2021-41243 | There is a Potential Zip Slip Vulnerability and OS Command Injection Vulnerability on the management system of baserCMS. User... | 8.8 - HIGH | 2021-11-26 | 2021-11-30 |
| CVE-2021-39136 | baserCMS is an open source content management system with a focus on Japanese language support. In affected versions there is... | 5.4 - MEDIUM | 2021-08-25 | 2021-08-30 |
| CVE-2021-20683 | Improper neutralization of JavaScript input in the blog article editing function of baserCMS versions prior to 4.4.5 allows r... | 5.4 - MEDIUM | 2021-03-26 | 2021-03-29 |
| CVE-2021-20682 | baserCMS versions prior to 4.4.5 allows a remote attacker with an administrative privilege to execute arbitrary OS commands v... | 7.2 - HIGH | 2021-03-26 | 2021-03-29 |
| CVE-2021-20681 | Improper neutralization of JavaScript input in the page editing function of baserCMS versions prior to 4.4.5 allows remote au... | 5.4 - MEDIUM | 2021-03-26 | 2021-03-29 |
| CVE-2020-15277 | baserCMS before version 4.4.1 is affected by Remote Code Execution (RCE). Code may be executed by logging in as a system admi... | 7.2 - HIGH | 2020-10-30 | 2020-11-03 |
| CVE-2020-15276 | baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. Arbitrary JavaScript may be executed by entering a craft... | 8.7 - HIGH | 2020-10-30 | 2020-11-03 |
| CVE-2020-15273 | baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. The issue affects the following components: Edit feed se... | 8.1 - HIGH | 2020-10-30 | 2020-11-03 |
| CVE-2020-15159 | baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) and Remote Code Execution (RCE). This may be executed by... | 7.6 - HIGH | 2020-08-28 | 2020-09-03 |
| CVE-2020-15155 | baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) via arbitrary script execution. Admin access is required... | 7.3 - HIGH | 2020-08-28 | 2020-09-03 |