CVE-2017-10843

HIGH7.5EPSS 0.57%

Arbitrary file delete in baserCMS

Published: 5/13/2022Modified: 12/2/2024

Description

baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.

Affected packages (1)

Packagist/baserproject/basercmsfrom 0, < 3.0.15

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References (3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2017-10843
WEBhttp://jvn.jp/en/jp/JVN78151490/index.html
WEBhttps://basercms.net/security/JVN78151490