Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-7rpc-9m88-cf9w

GitHub Security Advisory

OS Command Injection Vulnerability and Potential Zip Slip Vulnerability in baserCMS

✓ GitHub Reviewed CRITICAL Has CVE
View on GitHub

Advisory Details

There is an OS Command Injection Vulnerability on the management system of baserCMS.

This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users.
If you are eligible, please update to the new version as soon as possible.

Target
baserCMS 4.5.3 and earlier versions

Vulnerability
OS Command Injection Vulnerability.

Countermeasures
Update to the latest version of baserCMS

Credits
Akagi Yusuke @NTT-ME

Affected Packages

Packagist baserproject/basercms
Affected versions: 0 (fixed in 4.5.4)

Related CVEs

CVE-2021-41243

Key Information

GHSA ID
GHSA-7rpc-9m88-cf9w
Published
December 1, 2021 6:29 PM
Last Modified
December 1, 2021 2:32 PM
CVSS Score
9.0 /10
Primary Ecosystem
Packagist
Primary Package
baserproject/basercms
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 12, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.