CVE-2020-15159 – baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) and Remote Code Execu …

28 August 2020

Vuln ID: CVE-2020-15159

Published: 2020-08-28 22:15:10Z

Description: baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) and Remote Code Execution (RCE). This may be executed by logging in as a system administrator and uploading an executable script file such as a PHP file.The affected components are ThemeFilesController.php and UploaderFilesController.php. This is fixed in version 4.3.7.

Source: NVD.NIST.GOV

Date:

28 August 2020

Categorie(s):

NVD

Tag(s):

NVD

How two brothers allegedly swiped $25M in a 12-second Ethereum heist18 May 2024
How to revamp your cybersecurity in the middle of the chaos18 May 2024
Leveling the cybersecurity playing field18 May 2024
Automated pentesting in the cloud18 May 2024
Hardware cybersecurity leader, Flexxon, introduces Server Defender18 May 2024