CVE-2017-10843

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-10843

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-10843.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-10843

Aliases

GHSA-x73x-7gmx-w835

Published

2017-08-29T01:35:13.250Z

Modified

2026-04-10T03:56:22.497344Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.

References

Affected packages

Git / github.com/baserproject/basercms

Affected ranges

Type

GIT

Repo

https://github.com/baserproject/basercms

Events

Introduced

c282aeca512ddadc69d02edf860c870d5662903b

Last affected

07cfcd2f0731f8a354428510995343b532c1e931

Introduced

d14d49950dfdd88415232259e2e592d8f118856a

Last affected

1a3867ed9146cd7ea9cda5589e54007e027fd845

Database specific

{
    "versions": [
        {
            "introduced": "3.0.0"
        },
        {
            "last_affected": "3.0.14"
        },
        {
            "introduced": "4.0.0"
        },
        {
            "last_affected": "4.0.5"
        }
    ]
}

Affected versions

3.*

3.0.0

3.0.1

3.0.10

3.0.11

3.0.11.1

3.0.12

3.0.13

3.0.14

3.0.2

3.0.3

3.0.4

3.0.5

3.0.5.1

3.0.6

3.0.6-beta

3.0.7

3.0.9

4.*

4.0.1

4.0.2

4.0.2.1

4.0.3

4.0.4

4.0.5

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-10843.json"