Ericueda

**Name of the Vulnerable Software and Affected Versions** baserCMS versions prior to 5.2.3 **Description** baserCMS is a website development framework. A security issue exists in the update functionality that allows an authenticated user with administrator privileges to execute arbitrary OS commands on the server with the privileges of the user account running baserCMS. The issue is due to an OS command injection. **Recommendations** Update to version 5.2.3 or later.