Find real vulnerabilities before they ship
Vulnerability Database › packagist › CVE-2015-5640
baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request.