Isao Takaesu

Researcher fromMitsui Bussan Secure Directions, Inc.
#9716of 53,633
28.4Total CVSS
Vulnerabilities · 4
Medium
2
High
2
PT-2017-8574
5.4
2017-05-12
Basercms · Basercms · CVE-2016-4877
**Name of the Vulnerable Software and Affected Versions** baserCMS plugin Mail versions 3.0.10 and earlier **Description** A cross-site scripting issue allows remote authenticated attackers to inject arbitrary web script or HTML. **Recommendations** For versions 3.0.10 and earlier, update to a version later than 3.0.10 to resolve the issue.
PT-2017-8576
8.8
2017-05-12
Basercms · Basercms · CVE-2016-4879
**Name of the Vulnerable Software and Affected Versions** baserCMS plugin Mail versions 3.0.10 and earlier **Description** A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators. **Recommendations** For versions 3.0.10 and earlier, update to a version later than 3.0.10 to resolve the issue.
PT-2017-8577
5.4
2017-05-12
Basercms · Basercms · CVE-2016-4880
**Name of the Vulnerable Software and Affected Versions** baserCMS plugin Blog versions 3.0.10 and earlier **Description** A cross-site scripting issue allows remote authenticated attackers to inject arbitrary web script or HTML. **Recommendations** For versions 3.0.10 and earlier, update to a version later than 3.0.10 to resolve the issue.
PT-2017-8578
8.8
2017-05-12
Basercms · Basercms · CVE-2016-4881
**Name of the Vulnerable Software and Affected Versions** baserCMS plugin Blog versions 3.0.10 and earlier **Description** A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators. **Recommendations** For versions 3.0.10 and earlier, update to a version later than 3.0.10 to resolve the issue.