Multiple CSRF issues exist in BigTree CMS through 4.2.18 - the clear parameter to core\admin\modules\dashboard\vitals-statistics\404\clear.php and the from or to parameter to core\admin\modules\dashboard\vitals-statistics\404\create-301.php.
CPE | Name | Operator | Version |
---|---|---|---|
bigtree-cms | eq | 4.0beta6 | |
bigtree-cms | eq | 4.2.12 | |
bigtree-cms | eq | 4.2 | |
bigtree-cms | eq | 4.0beta2 | |
bigtree-cms | eq | 4.2.7 | |
bigtree-cms | eq | 4.1.6 | |
bigtree-cms | eq | 4.2.3 | |
bigtree-cms | eq | 4.2.14 | |
bigtree-cms | eq | 4.2.9 | |
bigtree-cms | eq | 4.0.1 |