4 matches found
BigTree-CMS 4.2.x < 4.2.17 Multiple Vulnerabilities
Binary data 700143.prm...
CVE-2017-6918
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Navigation Social can be changed...
CVE-2017-6918
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Navigation Social can be changed...
CVE-2017-6918
BigTree CMS 4.2.16 exposes a CSRF vulnerability via the value[#][*] parameter to the /admin/settings/update/ page, which can change Navigation Social settings. Affected component is the admin settings handler; root cause is cross-site request forgery without user interaction risk details provided...