GHSA-69gw-v5ph-6vxq

Source

https://github.com/advisories/GHSA-69gw-v5ph-6vxq

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-69gw-v5ph-6vxq/GHSA-69gw-v5ph-6vxq.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-69gw-v5ph-6vxq

Aliases

CVE-2017-10844

Published

2022-05-14T01:22:27Z

Modified

2024-02-16T08:04:38.598512Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Code Injection in baserCMS

Details

baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to execute arbitrary PHP code on the server via unspecified vectors.

Database specific

{
    "nvd_published_at": "2017-08-29T01:35:00Z",
    "cwe_ids": [
        "CWE-94"
    ],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-06T23:36:27Z"
}

References

Affected packages

Packagist / baserproject/basercms

Package

Name: baserproject/basercms
Purl: pkg:composer/baserproject/basercms

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

3.0.14

Affected versions

0.*

0.0.1

0.0.2

0.0.3

0.0.4

0.0.5

0.0.6

0.0.7

0.0.8

1.*

1.0.0

2.*

2.0.0-rc1

2.0.0-rc2

2.0.0-rc3

2.0.0-rc4

2.0.0-rc5

2.0.0-rc6

2.0.0

3.*

3.0.0

3.0.1

3.0.2

3.0.3

3.0.4

3.0.5

3.0.6

3.0.7

3.0.9

3.0.10

3.0.11

3.0.12

3.0.13

3.0.14

Packagist / baserproject/basercms

Package

Name: baserproject/basercms
Purl: pkg:composer/baserproject/basercms

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.0.0

Last affected

4.0.5

Affected versions

4.*

4.0.0