CVE-2018-17341
BigTree 4.2.23 on Windows is affected. When Advanced or Simple Rewrite routing is enabled, authentication can be bypassed via a ..\ substring in the URL (example: launch.php?bigtree_htaccess_url=admin/images/..). This is a remote-auth bypass vulnerability described across NVD, Red Hat, OSV, CVE d...