Multiple CSRF issues exist in BigTree CMS through 4.2.18 - the clear parameter to core\admin\modules\dashboard\vitals-statistics\404\clear.php and the from or to parameter to core\admin\modules\dashboard\vitals-statistics\404\create-301.php.
CPE | Name | Operator | Version |
---|---|---|---|
bigtree_cms | le | 4.2.18 |