Browse all 26 CVE security advisories affecting baserCMS Users Community. AI-powered Chinese analysis, POCs, and references for each vulnerability.
baserCMS Users Community operates an open-source content management system primarily designed for Japanese websites, leveraging CakePHP to facilitate rapid web development. Historically, the platform has exhibited significant security deficiencies, resulting in 26 recorded Common Vulnerabilities and Exposures (CVEs). These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls within the application’s core modules. Notable incidents include arbitrary file uploads and SQL injection vectors that allow attackers to compromise server integrity or steal sensitive data. The high volume of CVEs indicates persistent challenges in maintaining secure code practices across updates. Consequently, administrators must prioritize rigorous patch management and strict configuration hardening to mitigate the risk of exploitation, as the software’s historical track record demonstrates a pattern of critical security oversights that require immediate attention.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-42486 | baserCMS 跨站脚本漏洞 — baserCMS | 4.8 | - | 2022-12-07 |
| CVE-2022-41994 | baserCMS 跨站脚本漏洞 — baserCMS | 4.8 | - | 2022-12-07 |
| CVE-2021-20683 | baserCMS 跨站脚本漏洞 — baserCMS | 5.4 | - | 2021-03-26 |
| CVE-2021-20682 | baserCMS 操作系统命令注入漏洞 — baserCMS | 7.2 | - | 2021-03-26 |
| CVE-2021-20681 | baserCMS 跨站脚本漏洞 — baserCMS | 5.4 | - | 2021-03-26 |
| CVE-2018-0575 | baserCMS 权限许可和访问控制漏洞 — baserCMS | 5.3 | - | 2018-06-26 |
| CVE-2018-0574 | baserCMS 跨站脚本漏洞 — baserCMS | 6.1 | - | 2018-06-26 |
| CVE-2018-0573 | baserCMS 权限许可和访问控制问题漏洞 — baserCMS | 5.3 | - | 2018-06-26 |
| CVE-2018-0572 | baserCMS 权限许可和访问控制问题漏洞 — baserCMS | 7.1 | - | 2018-06-26 |
| CVE-2018-0571 | baserCMS 安全漏洞 — baserCMS | 4.9 | - | 2018-06-26 |
| CVE-2018-0570 | baserCMS 跨站脚本漏洞 — baserCMS | 5.4 | - | 2018-06-26 |
| CVE-2018-0569 | baserCMS 安全漏洞 — baserCMS | 8.8 | - | 2018-06-26 |
| CVE-2017-10843 | baserCMS 权限许可和访问控制问题漏洞 — baserCMS | 7.5 | - | 2017-08-28 |
| CVE-2017-10842 | baserCMS SQL注入漏洞 — baserCMS | 9.8 | - | 2017-08-28 |
| CVE-2016-4876 | baserCMS 跨站请求伪造漏洞 — baserCMS | 8.8 | - | 2017-05-12 |
| CVE-2016-4887 | baserCMS Uploader 跨站请求伪造漏洞 — baserCMS plugin Uploader | 8.8 | - | 2017-05-12 |
| CVE-2016-4886 | baserCMS Mail 跨站请求伪造漏洞 — baserCMS plugin Mail | 8.8 | - | 2017-05-12 |
| CVE-2016-4885 | baserCMS Feed 跨站请求伪造漏洞 — baserCMS plugin Feed | 8.8 | - | 2017-05-12 |
| CVE-2016-4884 | baserCMS Blog 跨站请求伪造漏洞 — baserCMS plugin Blog | 8.8 | - | 2017-05-12 |
| CVE-2016-4883 | baserCMS 跨站脚本漏洞 — baserCMS | 4.8 | - | 2017-05-12 |
| CVE-2016-4882 | baserCMS 跨站请求伪造漏洞 — baserCMS | 8.8 | - | 2017-05-12 |
| CVE-2016-4881 | baserCMS Blog 跨站请求伪造漏洞 — baserCMS plugin Blog | 8.8 | - | 2017-05-12 |
| CVE-2016-4880 | baserCMS Blog 跨站脚本漏洞 — baserCMS plugin Blog | 5.4 | - | 2017-05-12 |
| CVE-2016-4879 | baserCMS Mail 跨站请求伪造漏洞 — baserCMS plugin Mail | 8.8 | - | 2017-05-12 |
| CVE-2016-4878 | baserCMS 跨站请求伪造漏洞 — baserCMS | 8.8 | - | 2017-05-12 |
| CVE-2016-4877 | baserCMS Mail 跨站脚本漏洞 — baserCMS plugin Mail | 5.4 | - | 2017-05-12 |
This page lists every published CVE security advisory associated with baserCMS Users Community. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.