2 matches found
Design/Logic Flaw
An issue was discovered in BigTree CMS before 4.2.15. The vulnerability exists due to insufficient filtration of user-supplied data in the "id" HTTP GET parameter passed to the "core/admin/adjax/dashboard/check-module-integrity.php" URL. An attacker could execute arbitrary HTML and script code in...
BigTree CMS 'check-module-integrity.php' Cross-Site Scripting Vulnerability
BigTree CMS is an open source content management system. A cross-site scripting vulnerability exists in BigTree CMS 'check-module-integrity.php'. An attacker could exploit the vulnerability to execute arbitrary script code in a user's browser while browsing the affected site to steal cookie-based...