Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-4x2f-54wr-4hjg

GitHub Security Advisory

Potential Zip Slip Vulnerability in baserCMS

✓ GitHub Reviewed HIGH Has CVE
View on GitHub

Advisory Details

There is a OS Command Injection Vulnerability on the management system of baserCMS.

This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users.
If you are eligible, please update to the new version as soon as possible.

Target
baserCMS 4.5.3 and earlier versions

Vulnerability
OS Command Injection Vulnerability.

Countermeasures
Update to the latest version of baserCMS

Credits
Daniele Scanu @SoterItSecurity

Affected Packages

Packagist baserproject/basercms
Affected versions: 0 (fixed in 4.5.4)

Related CVEs

CVE-2021-41279

Key Information

GHSA ID
GHSA-4x2f-54wr-4hjg
Published
December 1, 2021 6:29 PM
Last Modified
November 29, 2021 7:15 PM
CVSS Score
7.5 /10
Primary Ecosystem
Packagist
Primary Package
baserproject/basercms
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 12, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.