Описание
Arbitrary file delete in baserCMS
baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.
Пакеты
Наименование
baserproject/basercms
composer
Затронутые версииВерсия исправления
<= 3.0.14
3.0.15
Наименование
baserproject/basercms
composer
Затронутые версииВерсия исправления
>= 4.0.0, <= 4.0.5
4.0.6
Связанные уязвимости
CVSS3: 7.5
nvd
больше 8 лет назад
baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.