Lucene search
GoogleOSV:CVE-2016-10223HistoryFeb 14, 2017 - 6:59 a.m.
CVE-2016-10223
2017-02-1406:59:00
Google
osv.dev
2
An issue was discovered in BigTree CMS before 4.2.15. The vulnerability exists due to insufficient filtration of user-supplied data in the “id” HTTP GET parameter passed to the “core/admin/adjax/dashboard/check-module-integrity.php” URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bigtree-cms | eq | 4.2.8 | |
| bigtree-cms | eq | 4.0b7 | |
| bigtree-cms | eq | 4.1.3 | |
| bigtree-cms | eq | 4.0beta5 | |
| bigtree-cms | eq | 4.2.2 | |
| bigtree-cms | eq | 4.2.10 | |
| bigtree-cms | eq | 4.0.3 | |
| bigtree-cms | eq | 4.0beta4 | |
| bigtree-cms | eq | 4.2.11 | |
| bigtree-cms | eq | 4.0b1 |
Related
cve
cve
CVE-2016-10223
2017-02-14 06:59:00
cvelist
cvelist
CVE-2016-10223
2017-02-14 06:30:00
openvas
openvas
BigTree CMS Potential XSS Attack
2017-02-17 00:00:00
prion
prion
Design/Logic Flaw
2017-02-14 06:59:00
nvd
nvd
CVE-2016-10223
2017-02-14 06:59:00