CVSS: 5.1EPSS: 0%CPEs: 30EXPL: 0CVE-2012-1248
https://notcve.org/view.php?id=CVE-2012-1248
app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain. app/config/core.php in baserCMS v1.6.15 y anteriores no maneja adecuadamente las instalaciones en entornos de alojamiento compartido, lo que permite a atacantes remotos secuestrar sesiones, aprovechando el acceso administrativo a un dominio diferente. • http://basercms.net/security/1 http://jvn.jp/en/jp/JVN53465692/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000043 http://www.securityfocus.com/bid/53543 https://exchange.xforce.ibmcloud.com/vulnerabilities/75660 • CWE-264: Permissions, Privileges, and Access Controls •