Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an attacker uploads an ‘xxx.pht’ or ‘xxx.phtml’ file, they could bypass a safety check and execute any code.
CPE | Name | Operator | Version |
---|---|---|---|
bigtree-cms | eq | 4.2.8 | |
bigtree-cms | eq | 4.0b7 | |
bigtree-cms | eq | 4.1.3 | |
bigtree-cms | eq | 4.2.17 | |
bigtree-cms | eq | 4.0beta5 | |
bigtree-cms | eq | 4.2.18 | |
bigtree-cms | eq | 4.2.2 | |
bigtree-cms | eq | 4.2.10 | |
bigtree-cms | eq | 4.2.15 | |
bigtree-cms | eq | 4.0.3 |