Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2017-7881
HistoryApr 15, 2017 - 4:59 p.m.

CVE-2017-7881

2017-04-1516:59:00
Google
osv.dev
4

AI Score

7

Confidence

Low

EPSS

0.001

Percentile

39.3%

JSON

BigTree CMS through 4.2.17 relies on a substring check for CSRF protection, which allows remote attackers to bypass this check by placing the required admin/developer/ URI within a query string in an HTTP Referer header. This was found in core/admin/modules/developer/_header.php and patched in core/inc/bigtree/admin.php on 2017-04-14.

Related

cve 1
openvas 1
prion 1
nvd 1
cvelist 1
cve
cve
CVE-2017-7881
2017-04-15 16:59:00
openvas
openvas
BigTree CMS <= 4.2.17 CSRF Vulnerability
2017-04-19 00:00:00
prion
prion
Cross site request forgery (csrf)
2017-04-15 16:59:00
nvd
nvd
CVE-2017-7881
2017-04-15 16:59:00
cvelist
cvelist
CVE-2017-7881
2017-04-15 16:00:00

AI Score

7

Confidence

Low

EPSS

0.001

Percentile

39.3%

JSON
Related for OSV:CVE-2017-7881
cve1openvas1prion1nvd1cvelist1