Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-h4cc-fxpp-pgw9

GitHub Security Advisory

baserCMS File Uploader Remote Code Execution (RCE) vulnerability

✓ GitHub Reviewed CRITICAL Has CVE
View on GitHub

Advisory Details

### Impact
There is a Remote Code Execution (RCE) Vulnerability on the management system of baserCMS.

### Target
baserCMS 4.7.3 and earlier versions

### Patches
Update to the latest version of baserCMS

### Credits
島峰泰平@三井物産セキュアディレクション株式会社

Affected Packages

Packagist baserproject/basercms
Affected versions: 0 (fixed in 4.7.5)

Related CVEs

CVE-2023-25654

Key Information

GHSA ID
GHSA-h4cc-fxpp-pgw9
Published
March 23, 2023 8:00 PM
Last Modified
March 28, 2023 6:06 PM
CVSS Score
9.0 /10
Primary Ecosystem
Packagist
Primary Package
baserproject/basercms
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 12, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.