Find real vulnerabilities before they ship
Vulnerability Database › packagist › CVE-2017-10843
baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.
Base Score