CVE-2017-10843

HIGH7.5EPSS 0.57%

Arbitrary file delete in baserCMS

發布日:2022/5/13修改日:2024/12/2

描述

baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.

受影響套件(1)

Packagist/baserproject/basercmsfrom 0, < 3.0.15

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

參考連結(3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2017-10843
WEBhttp://jvn.jp/en/jp/JVN78151490/index.html
WEBhttps://basercms.net/security/JVN78151490