Lucene search
GoogleOSV:CVE-2017-9365HistoryJun 02, 2017 - 5:29 a.m.
CVE-2017-9365
2017-06-0205:29:00
Google
osv.dev
2
CSRF exists in BigTree CMS through 4.2.18 with the force parameter to /admin/pages/revisions.php - for example: /admin/pages/revisions/1/?force=false. A page with id=1 can be unlocked.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bigtree-cms | eq | 4.2.8 | |
| bigtree-cms | eq | 4.0b7 | |
| bigtree-cms | eq | 4.1.3 | |
| bigtree-cms | eq | 4.2.17 | |
| bigtree-cms | eq | 4.0beta5 | |
| bigtree-cms | eq | 4.2.18 | |
| bigtree-cms | eq | 4.2.2 | |
| bigtree-cms | eq | 4.2.10 | |
| bigtree-cms | eq | 4.2.15 | |
| bigtree-cms | eq | 4.0.3 |
Related
cvelist
cvelist
CVE-2017-9365
2017-06-02 05:04:00
nvd
nvd
CVE-2017-9365
2017-06-02 05:29:00
cve
cve
CVE-2017-9365
2017-06-02 05:29:00
prion
prion
Cross site request forgery (csrf)
2017-06-02 05:29:00
openvas
openvas
BigTree CMS <= 4.2.18 Multiple CSRF and XSS Vulnerabilities
2017-06-13 00:00:00