Skip to main content

Baigo Cms

5 CVEs product

Monthly

CVE-2022-26607 HIGH POC This Week

A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow attackers to execute arbitrary code via uploading a crafted PHP file. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE PHP Baigo Cms
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
2.4%
CVE-2020-20584 MEDIUM POC This Month

A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Baigo Cms
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
1.1%
CVE-2019-9227 CRITICAL POC Act Now

An issue was discovered in baigo CMS 2.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP RCE Baigo Cms
NVD GitHub
CVSS 3.0
9.8
EPSS
3.7%
CVE-2019-9226 MEDIUM POC This Month

An issue was discovered in baigo CMS 2.1.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Baigo Cms
NVD GitHub
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-16458 MEDIUM POC This Month

An issue was discovered in baigo CMS v2.1.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Baigo Cms
NVD GitHub
CVSS 3.0
6.5
EPSS
0.4%
EPSS 2% CVSS 7.2
HIGH POC This Week

A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow attackers to execute arbitrary code via uploading a crafted PHP file. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE PHP +1
NVD GitHub VulDB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Baigo Cms
NVD GitHub VulDB
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in baigo CMS 2.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP RCE +1
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

An issue was discovered in baigo CMS 2.1.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Baigo Cms
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in baigo CMS v2.1.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Baigo Cms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy