app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Basercms | Basercms | 1.5.6 | 1.5.6 |
Basercms | Basercms | 1.5.7 | 1.5.7 |
Basercms | Basercms | 1.5.4 | 1.5.4 |
Basercms | Basercms | 1.5.5 | 1.5.5 |
Basercms | Basercms | 1.5.8 | 1.5.8 |
Basercms | Basercms | 1.5.9 | 1.5.9 |
Basercms | Basercms | 1.6.0 | 1.6.0 |
Basercms | Basercms | 1.6.1 | 1.6.1 |
Basercms | Basercms | 1.6.2 | 1.6.2 |
Basercms | Basercms | 1.6.4 | 1.6.4 |
Basercms | Basercms | 1.6.5 | 1.6.5 |
Basercms | Basercms | 1.6.3 | 1.6.3 |
Basercms | Basercms | 1.6.6 | 1.6.6 |
Basercms | Basercms | 1.6.9 | 1.6.9 |
Basercms | Basercms | 1.6.7.1 | 1.6.7.1 |
Basercms | Basercms | 1.6.8 | 1.6.8 |
Basercms | Basercms | 1.6.7 | 1.6.7 |
Basercms | Basercms | 1.6.10 | 1.6.10 |
Basercms | Basercms | 1.6.11 | 1.6.11 |
Basercms | Basercms | 1.6.9.1 | 1.6.9.1 |
Basercms | Basercms | 1.6.11.1 | 1.6.11.1 |
Basercms | Basercms | 1.6.11.3 | 1.6.11.3 |
Basercms | Basercms | 1.6.11.4 | 1.6.11.4 |
Basercms | Basercms | 1.6.11.2 | 1.6.11.2 |
Basercms | Basercms | 1.6.12 | 1.6.12 |
Basercms | Basercms | 1.6.13.1 | 1.6.13.1 |
Basercms | Basercms | 1.6.13.6 | 1.6.13.6 |
Basercms | Basercms | 1.6.13 | 1.6.13 |
Basercms | Basercms | * | 1.6.15 |
Basercms | Basercms | 1.6.14 | 1.6.14 |