CVE-2017-9428

2017-06-0414:00:00

mitre

www.cve.org

AI Score

Confidence

High

EPSS

0.003

Percentile

70.5%

JSON

A directory traversal vulnerability exists in core\admin\ajax\developer\extensions\file-browser.php in BigTree CMS through 4.2.18 on Windows, allowing attackers to read arbitrary files via …\ sequences in the directory parameter.

References

github.com/bigtreecms/BigTree-CMS/issues/289