baijiacms/baijiacmsV4

baijiacms/baijiacmsV4

Releases1

Frequency

Last Release over 7 years ago

Stars25

baijiacmsV4

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-33396 ↗	Feb 15, 2023Wednesday, 15 February 2023, 22:15	6.5 MEDIUM	—
Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php.
CVE-2021-34250 ↗	Apr 11, 2022Monday, 11 April 2022, 15:15	—	—
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2021-33396. Reason: This record is a duplicate of CVE-2021-33396. Notes: All CVE users should reference CVE-2021-33396 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.
CVE-2020-25873 ↗	Oct 29, 2021Friday, 29 October 2021, 20:15	6.5 MEDIUM	4 MEDIUM
A directory traversal vulnerability in the component system/manager/class/web/database.php was discovered in Baijiacms V4 which allows attackers to arbitrarily delete folders on the server via the "id" parameter.
CVE-2019-7568 ↗	Feb 7, 2019Thursday, 7 February 2019, 07:29	—	7.5 HIGH
An issue was discovered in baijiacms V4 that can result in time-based blind SQL injection to get data via the cate parameter in an index.php?act=index request.