3 matches found
CVE-2017-11736
SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter...
CVE-2017-11736
SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter...
CVE-2017-11736
CVE-2017-11736 affects BigTree CMS (version 4.2.18). The vulnerability is an SQL injection in the file core/admin/auto-modules/forms/process.php, exploitable via the tags array parameter, which allows remote authenticated users to execute arbitrary SQL commands. Impact is described as partial to ...