CVE-2026-21861 in basercmsinformation

Résumé (Anglaise)

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command injection vulnerability in the core update functionality. An authenticated administrator can execute arbitrary OS commands on the server due to improper handling of user-controlled input that is directly passed to exec() without sufficient validation or escaping. This issue has been patched in version 5.2.3.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsable

GitHub_M

Réserver

05/01/2026

Divulgation

31/03/2026

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
354319baserproject basercms exec élévation de privilèges78Non définiCorrectif officielCVE-2026-21861

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

PrécédentAperçuSuivant

Want to know what is going to be exploited?

We predict KEV entries!