UNKNOWNCVE-2026-30877
baserCMS: OS Command Injection in the baserCMS Update Functionality
Platform
php
Component
basercms
Fixed in
5.2.3
baserCMS is a website development framework. Prior to version 5.2.3, there is an OS command injection vulnerability in the update functionality. Due to this issue, an authenticated user with administrator privileges in baserCMS can execute arbitrary OS commands on the server with the privileges of the user account running baserCMS. This issue has been patched in version 5.2.3.
How to fix
Actualice baserCMS a la versión 5.2.3 o superior. Esta versión contiene la corrección para la vulnerabilidad de inyección de comandos del sistema operativo. La actualización se puede realizar a través del panel de administración de baserCMS o descargando la última versión del sitio web oficial y reemplazando los archivos.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free