CVE-2023-51450
published 2024-02-22CVE-2023-51450: baserCMS is a website development framework. Prior to version 5.0.9, there is an OS Command Injection vulnerability in the site search feature of baserCMS…
PriorityP351high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EPSS
1.46%
70.2th percentile
baserCMS is a website development framework. Prior to version 5.0.9, there is an OS Command Injection vulnerability in the site search feature of baserCMS. Version 5.0.9 contains a fix for this vulnerability.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| basercms | basercms | < 5.0.9 | 5.0.9 |
| baserproject | basercms | < 5.0.9 | 5.0.9 |
| baserproject | basercms | >= 0 < 5.0.9 | 5.0.9 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
baserCMS OS command injection vulnerability in Installer
osv·2024-02-22
CVE-2023-51450 [MEDIUM] baserCMS OS command injection vulnerability in Installer
baserCMS OS command injection vulnerability in Installer
There is a OS command injection in Installer Feature to baserCMS.
### Target
baserCMS 5.0.8 and earlier versions
### Vulnerability
Malicious command may be executed in Installer.
### Countermeasures
Update to the latest version of baserCMS
Please refer to the following page to reference for more information.
https://basercms.net/security/JVN_73283159
GHSA
baserCMS OS command injection vulnerability in Installer
ghsa·2024-02-22
CVE-2023-51450 [MEDIUM] CWE-78 baserCMS OS command injection vulnerability in Installer
baserCMS OS command injection vulnerability in Installer
There is a OS command injection in Installer Feature to baserCMS.
### Target
baserCMS 5.0.8 and earlier versions
### Vulnerability
Malicious command may be executed in Installer.
### Countermeasures
Update to the latest version of baserCMS
Please refer to the following page to reference for more information.
https://basercms.net/security/JVN_73283159
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://basercms.net/security/JVN_09767360https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601chttps://github.com/baserproject/basercms/security/advisories/GHSA-77fc-4cv5-hmfrhttps://basercms.net/security/JVN_09767360https://github.com/baserproject/basercms/commit/18f426d63e752b4d22c40e9ea8d1f6e692ef601chttps://github.com/baserproject/basercms/security/advisories/GHSA-77fc-4cv5-hmfr
2024-02-22
Published