Known Vulnerabilities for products from Basercms
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Basercms".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32734 json | baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has DOM-based cross-site scripting in tag creat... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2026-30940 json | baserCMS is a website development framework. Prior to version 5.2.3, a path traversal vulnerability exists in the theme file ... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2026-30880 json | Not Provided | 2026-03-31 | 2026-03-31 | |
| CVE-2026-30879 json | baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a cross-site scripting vulnerability in blo... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2026-30878 json | baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated user... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2026-30877 json | Not Provided | 2026-03-31 | 2026-03-31 | |
| CVE-2026-27697 json | baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2026-21861 json | baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command injection vulnerability ... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2025-32957 json | baserCMS is a website development framework. Prior to version 5.2.3, the application's restore function allows users to uploa... | Not Provided | 2026-03-31 | 2026-04-01 |
| CVE-2023-43792 json | baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the ... | 9.8 - CRITICAL | 2023-10-30 | 2023-11-06 |
| CVE-2023-43649 json | baserCMS is a website development framework. Prior to version 4.8.0, there is a cross site request forgery vulnerability in t... | 9.8 - CRITICAL | 2023-10-30 | 2023-11-06 |
| CVE-2023-43648 json | baserCMS is a website development framework. Prior to version 4.8.0, there is a Directory Traversal Vulnerability in the form... | 6.5 - MEDIUM | 2023-10-30 | 2023-11-06 |
| CVE-2023-43647 json | baserCMS is a website development framework. Prior to version 4.8.0, there is a cross-site scripting vulnerability in the fil... | 5.4 - MEDIUM | 2023-10-30 | 2023-11-06 |
| CVE-2023-29009 json | baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favor... | 6.1 - MEDIUM | 2023-10-27 | 2023-11-07 |
| CVE-2023-25655 json | baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system of baserCM... | 9.8 - CRITICAL | 2023-03-23 | 2023-03-28 |
| CVE-2023-25654 json | baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution (RCE) Vulnerability in the ... | 9.8 - CRITICAL | 2023-03-23 | 2023-03-28 |
| CVE-2022-42486 json | Stored cross-site scripting vulnerability in User group management of baserCMS versions prior to 4.7.2 allows a remote authen... | 4.8 - MEDIUM | 2022-12-07 | 2022-12-12 |
| CVE-2022-41994 json | Stored cross-site scripting vulnerability in Permission Settings of baserCMS versions prior to 4.7.2 allows a remote authenti... | 4.8 - MEDIUM | 2022-12-07 | 2022-12-12 |
| CVE-2022-39325 json | BaserCMS is a content management system with a japanese language focus. In affected versions there is a cross-site scripting ... | 6.1 - MEDIUM | 2022-11-25 | 2022-12-01 |
| CVE-2021-41279 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2021-11-26 | 2021-11-30 |