CVE-2018-0575 — Sensitive Information Exposure in Basercms

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 61.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Basercms Baserproject Basercms Basercms Users Community Basercms

Timeline

PublishedJun 26

Latest updateMay 14

Description

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction in mail form to view a file which is uploaded by a site user via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5basercms_users_community/basercms(baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions)

▶NVDbasercms/basercms3.0.0 — 3.0.15+1

▶Packagistbaserproject/basercms4.0.0 — 4.1.0.1+1

🔴Vulnerability Details

GHSA

Sensitive Data Exposure in baserCMS↗2022-05-14

▶

OSV

Sensitive Data Exposure in baserCMS↗2022-05-14

▶