2 matches found
CVE-2017-9364
Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an attacker uploads an 'xxx.pht' or 'xxx.phtml' file, they could bypass a safety check and execute any code...
CVE-2017-9364
BigTree CMS < = 4.2.18 is affected by an unrestricted file upload vulnerability that allows an attacker to upload a .pht/.phtml file to bypass a safety check and execute code. Connected sources also reference additional issues in the same release family (BigTree CMS