CVE-2017-11736

2017-07-29T10:29:00
ID CVE-2017-11736
Type cve
Reporter NVD
Modified 2017-08-02T13:33:07

Description

SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter.