Package Instance

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0573

reference_url

reference_id

reference_type

scores

value	0.00173
scoring_system	epss
scoring_elements	0.38574
published_at	2026-06-06T12:55:00Z

value	0.00173
scoring_system	epss
scoring_elements	0.38572
published_at	2026-06-05T12:55:00Z

value	0.00173
scoring_system	epss
scoring_elements	0.38483
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0573

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0573

reference_url

reference_id

CVE-2018-0573

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0573

fixed_packages

url pkg:composer/baserproject/basercms@3.0.16

purl pkg:composer/baserproject/basercms@3.0.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16

url pkg:composer/baserproject/basercms@4.1.1

purl pkg:composer/baserproject/basercms@4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1

aliases CVE-2018-0573, GHSA-33fq-qm4m-cjw3

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2u6y-aj6t-7fb1

url VCID-6trr-5deb-yydm

vulnerability_id VCID-6trr-5deb-yydm

summary

Unrestricted Upload of File with Dangerous Type
baserCMS allows remote attackers with a site operator privilege to upload arbitrary files.

references

reference_url

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0571

reference_url

reference_id

reference_type

scores

value	0.00167
scoring_system	epss
scoring_elements	0.37518
published_at	2026-06-04T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37614
published_at	2026-06-06T12:55:00Z

value	0.00167
scoring_system	epss
scoring_elements	0.37611
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0571

reference_url

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0571

reference_url

reference_id

CVE-2018-0571

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0571

fixed_packages

url pkg:composer/baserproject/basercms@3.0.16

purl pkg:composer/baserproject/basercms@3.0.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16

url pkg:composer/baserproject/basercms@4.1.1

purl pkg:composer/baserproject/basercms@4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1

aliases CVE-2018-0571, GHSA-3mcp-6rv6-c69g

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6trr-5deb-yydm

url VCID-e4xa-jm9u-nked

vulnerability_id VCID-e4xa-jm9u-nked

summary

OS Command Injection
baserCMS allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors.

references

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0569

reference_url

reference_id

reference_type

scores

value	0.01
scoring_system	epss
scoring_elements	0.77378
published_at	2026-06-06T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.77368
published_at	2026-06-05T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.77339
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0569

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0569

reference_url

reference_id

CVE-2018-0569

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0569

fixed_packages

url pkg:composer/baserproject/basercms@3.0.16

purl pkg:composer/baserproject/basercms@3.0.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16

url pkg:composer/baserproject/basercms@4.1.1

purl pkg:composer/baserproject/basercms@4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1

aliases CVE-2018-0569, GHSA-6j3p-vrph-j7qq

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e4xa-jm9u-nked

url VCID-ffq1-r9ck-1bhp

vulnerability_id VCID-ffq1-r9ck-1bhp

summary

SQL Injection
Baser CMS contains a SQL injection vulnerability.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2017-10842

reference_url

reference_id

reference_type

scores

value	0.0067
scoring_system	epss
scoring_elements	0.7174
published_at	2026-06-04T12:55:00Z

value	0.0067
scoring_system	epss
scoring_elements	0.71786
published_at	2026-06-06T12:55:00Z

value	0.0067
scoring_system	epss
scoring_elements	0.7178
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-10842

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-10842

reference_url

reference_id

CVE-2017-10842

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-10842

fixed_packages

url pkg:composer/baserproject/basercms@3.0.15

purl pkg:composer/baserproject/basercms@3.0.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-2u6y-aj6t-7fb1

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-6trr-5deb-yydm

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-e4xa-jm9u-nked

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ga9u-uv9b-tydr

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-r4jc-22rq-d3cb

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-yesf-qxgy-3ygx

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

vulnerability	VCID-zy68-bur9-1fck

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.15

url pkg:composer/baserproject/basercms@4.0.5.1

purl pkg:composer/baserproject/basercms@4.0.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-2u6y-aj6t-7fb1

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-6trr-5deb-yydm

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-e4xa-jm9u-nked

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ga9u-uv9b-tydr

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-r4jc-22rq-d3cb

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-yesf-qxgy-3ygx

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

vulnerability	VCID-zy68-bur9-1fck

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.5.1

url pkg:composer/baserproject/basercms@4.0.6

purl pkg:composer/baserproject/basercms@4.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-2u6y-aj6t-7fb1

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-6trr-5deb-yydm

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-e4xa-jm9u-nked

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ga9u-uv9b-tydr

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-r4jc-22rq-d3cb

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-yesf-qxgy-3ygx

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

vulnerability	VCID-zy68-bur9-1fck

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.6

aliases CVE-2017-10842, GHSA-jc94-wp59-pq4f

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ffq1-r9ck-1bhp

url VCID-ga9u-uv9b-tydr

vulnerability_id VCID-ga9u-uv9b-tydr

summary

Cross-site Scripting
Cross-site scripting vulnerability in baserCMS allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

references

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0570

reference_url

reference_id

reference_type

scores

value	0.00195
scoring_system	epss
scoring_elements	0.41314
published_at	2026-06-06T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.41234
published_at	2026-06-04T12:55:00Z

value	0.00195
scoring_system	epss
scoring_elements	0.4131
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0570

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0570

reference_url

reference_id

CVE-2018-0570

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0570

fixed_packages

url pkg:composer/baserproject/basercms@3.0.16

purl pkg:composer/baserproject/basercms@3.0.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16

url pkg:composer/baserproject/basercms@4.1.1

purl pkg:composer/baserproject/basercms@4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1

aliases CVE-2018-0570, GHSA-994g-74gq-5qpr

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ga9u-uv9b-tydr

url VCID-guvm-x5jc-mfgc

vulnerability_id VCID-guvm-x5jc-mfgc

summary

Path Traversal
baserCMS allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2017-10843

reference_url

reference_id

reference_type

scores

value	0.0057
scoring_system	epss
scoring_elements	0.69024
published_at	2026-06-06T12:55:00Z

value	0.0057
scoring_system	epss
scoring_elements	0.68975
published_at	2026-06-04T12:55:00Z

value	0.0057
scoring_system	epss
scoring_elements	0.69014
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-10843

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-10843

reference_url

reference_id

CVE-2017-10843

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-10843

reference_url

https://github.com/advisories/GHSA-x73x-7gmx-w835

reference_id

GHSA-x73x-7gmx-w835

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-x73x-7gmx-w835

fixed_packages

url pkg:composer/baserproject/basercms@3.0.15

purl pkg:composer/baserproject/basercms@3.0.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-2u6y-aj6t-7fb1

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-6trr-5deb-yydm

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-e4xa-jm9u-nked

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ga9u-uv9b-tydr

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-r4jc-22rq-d3cb

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-yesf-qxgy-3ygx

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

vulnerability	VCID-zy68-bur9-1fck

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.15

url pkg:composer/baserproject/basercms@4.0.5.1

purl pkg:composer/baserproject/basercms@4.0.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-2u6y-aj6t-7fb1

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-6trr-5deb-yydm

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-e4xa-jm9u-nked

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ga9u-uv9b-tydr

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-r4jc-22rq-d3cb

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-yesf-qxgy-3ygx

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

vulnerability	VCID-zy68-bur9-1fck

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.5.1

url pkg:composer/baserproject/basercms@4.0.6

purl pkg:composer/baserproject/basercms@4.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-2u6y-aj6t-7fb1

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-6trr-5deb-yydm

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-e4xa-jm9u-nked

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ga9u-uv9b-tydr

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-r4jc-22rq-d3cb

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-yesf-qxgy-3ygx

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

vulnerability	VCID-zy68-bur9-1fck

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.6

aliases CVE-2017-10843, GHSA-x73x-7gmx-w835

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-guvm-x5jc-mfgc

url VCID-r4jc-22rq-d3cb

vulnerability_id VCID-r4jc-22rq-d3cb

summary

Information Exposure
baserCMS allows remote attackers to bypass access restriction in mail form to view a file which is uploaded by a site user via unspecified vectors.

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0575

reference_url

reference_id

reference_type

scores

value	0.00169
scoring_system	epss
scoring_elements	0.37823
published_at	2026-06-04T12:55:00Z

value	0.00169
scoring_system	epss
scoring_elements	0.37917
published_at	2026-06-06T12:55:00Z

value	0.00169
scoring_system	epss
scoring_elements	0.37914
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0575

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0575

reference_url

reference_id

CVE-2018-0575

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0575

fixed_packages

url pkg:composer/baserproject/basercms@3.0.16

purl pkg:composer/baserproject/basercms@3.0.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16

url pkg:composer/baserproject/basercms@4.1.1

purl pkg:composer/baserproject/basercms@4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1

aliases CVE-2018-0575, GHSA-w935-p7mg-xc96

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r4jc-22rq-d3cb

url VCID-y9f3-k7xk-rucf

vulnerability_id VCID-y9f3-k7xk-rucf

summary

Code Injection
baserCMS allows an attacker to execute arbitrary PHP code on the server via unspecified vectors.

references

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2017-10844

reference_url

reference_id

reference_type

scores

value	0.00568
scoring_system	epss
scoring_elements	0.68939
published_at	2026-06-06T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.6893
published_at	2026-06-05T12:55:00Z

value	0.00568
scoring_system	epss
scoring_elements	0.68891
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-10844

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-10844

reference_url

reference_id

CVE-2017-10844

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-10844

fixed_packages

url pkg:composer/baserproject/basercms@3.0.15

purl pkg:composer/baserproject/basercms@3.0.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-2u6y-aj6t-7fb1

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-6trr-5deb-yydm

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-e4xa-jm9u-nked

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ga9u-uv9b-tydr

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-r4jc-22rq-d3cb

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-yesf-qxgy-3ygx

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

vulnerability	VCID-zy68-bur9-1fck

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.15

url pkg:composer/baserproject/basercms@4.0.5.1

purl pkg:composer/baserproject/basercms@4.0.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-2u6y-aj6t-7fb1

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-6trr-5deb-yydm

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-e4xa-jm9u-nked

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ga9u-uv9b-tydr

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-r4jc-22rq-d3cb

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-yesf-qxgy-3ygx

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

vulnerability	VCID-zy68-bur9-1fck

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.5.1

url pkg:composer/baserproject/basercms@4.0.6

purl pkg:composer/baserproject/basercms@4.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-2u6y-aj6t-7fb1

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-6trr-5deb-yydm

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-e4xa-jm9u-nked

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ga9u-uv9b-tydr

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-r4jc-22rq-d3cb

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-yesf-qxgy-3ygx

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

vulnerability	VCID-zy68-bur9-1fck

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.0.6

aliases CVE-2017-10844, GHSA-69gw-v5ph-6vxq

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9f3-k7xk-rucf

url VCID-yesf-qxgy-3ygx

vulnerability_id VCID-yesf-qxgy-3ygx

summary

Improper Access Control
baserCMS allows remote authenticated attackers to bypass access restriction to view or alter a restricted content via unspecified vectors.

references

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0572

reference_url

reference_id

reference_type

scores

value	0.00193
scoring_system	epss
scoring_elements	0.4106
published_at	2026-06-04T12:55:00Z

value	0.00193
scoring_system	epss
scoring_elements	0.41139
published_at	2026-06-06T12:55:00Z

value	0.00193
scoring_system	epss
scoring_elements	0.41135
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0572

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0572

reference_url

reference_id

CVE-2018-0572

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-0572

fixed_packages

url pkg:composer/baserproject/basercms@3.0.16

purl pkg:composer/baserproject/basercms@3.0.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@3.0.16

url pkg:composer/baserproject/basercms@4.1.1

purl pkg:composer/baserproject/basercms@4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1q79-sxzp-zker

vulnerability	VCID-3new-f12y-8bf9

vulnerability	VCID-4zw8-truk-pugf

vulnerability	VCID-5ay3-1t5g-vycu

vulnerability	VCID-7x3n-4c2b-nfbx

vulnerability	VCID-891u-x525-ykbb

vulnerability	VCID-8buz-nsr9-3yge

vulnerability	VCID-8ssu-umet-37bk

vulnerability	VCID-9mf7-56fh-fyfk

vulnerability	VCID-ays7-6wvh-augt

vulnerability	VCID-d1sf-cmct-zbh1

vulnerability	VCID-d5gk-q2hh-kba5

vulnerability	VCID-eq7f-n3g5-s3hu

vulnerability	VCID-g56w-z9cx-5ygv

vulnerability	VCID-ggv8-3v9t-mfea

vulnerability	VCID-gsg3-fdmu-vqag

vulnerability	VCID-hpk4-a6tr-3ffe

vulnerability	VCID-j37y-gws9-ake9

vulnerability	VCID-jby7-s5ez-dqb3

vulnerability	VCID-k575-suuf-7bhf

vulnerability	VCID-k5qv-4yp3-zbgf

vulnerability	VCID-khft-xvrw-g3dr

vulnerability	VCID-kmpp-6j49-pqfz

vulnerability	VCID-mfm9-gsh3-ubg8

vulnerability	VCID-nxrf-64er-xbfx

vulnerability	VCID-p695-t9ye-v3ga

vulnerability	VCID-p6nr-eu91-53b4

vulnerability	VCID-pd8c-9d7z-zkhg

vulnerability	VCID-sqr4-v889-tff8

vulnerability	VCID-twf5-bzba-gqb4

vulnerability	VCID-u16w-rbuk-ybfs

vulnerability	VCID-uedz-j2vn-cbea

vulnerability	VCID-vqx2-hzju-r7et

vulnerability	VCID-wvnk-63hy-ykeq

vulnerability	VCID-xpsb-2yux-g3cf

vulnerability	VCID-xxud-7jsh-bbc1

vulnerability	VCID-y2sz-c6vb-pkdp

vulnerability	VCID-zqd4-rdem-jfgk

vulnerability	VCID-zsgc-fnen-b7a6

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/baserproject/basercms@4.1.1

aliases CVE-2018-0572, GHSA-mjj9-33j8-pfwh

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yesf-qxgy-3ygx

url VCID-zy68-bur9-1fck

vulnerability_id VCID-zy68-bur9-1fck

summary

Cross-site Scripting
Cross-site scripting vulnerability in baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

references

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0574

reference_url

reference_id

reference_type

scores

value	0.0026
scoring_system	epss
scoring_elements	0.49673
published_at	2026-06-06T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49663
published_at	2026-06-05T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49601
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-0574

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url