10 matches found
EUVD-2017-18479
Malware in sbrugna...
EUVD-2018-10111
Malware in sbrugna...
EUVD-2018-17776
Malware in sbrugna...
EUVD-2017-18477
Malware in sbrugna...
EUVD-2018-2646
Malware in sbrugna...
CVE-2017-11736
SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter...
CVE-2018-20405
BigTree 4.3 allows full path disclosure via authenticated admin/news/ input that triggers a syntax error. NOTE: This has been disputed with the following reasoning: "The issue reported requires full developer level access to the content management system where cross site scripting is not an issue...
CVE-2018-17341
BigTree 4.2.23 on Windows is affected. When Advanced or Simple Rewrite routing is enabled, authentication can be bypassed via a ..\ substring in the URL (example: launch.php?bigtree_htaccess_url=admin/images/..). This is a remote-auth bypass vulnerability described across NVD, Red Hat, OSV, CVE d...
Fastspot BigTree File Upload Vulnerability
Fastspot BigTree is the United States Fastspot company based on PHP and MySQL open source content management system CMS. Fastspot BigTree 4.2.22 and earlier versions of site/index.php/admin/trees/add/ has a security vulnerability , the vulnerability stems from core/inc/bigtree/apis/storage.php fi...
Fastspot BigTree CMS SQL Injection Vulnerability (CNVD-2017-08707)
Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in Fastspot BigTree CMS 4.2.18 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...