BigTree CMS BigTree CMS 4.3.1

CPE Details

BigTree CMS BigTree CMS 4.3.1
bigtreecms
bigtree_cms
4.3.1
2019-05-14
16h22 +00:00
2019-05-14
16h22 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:bigtreecms:bigtree_cms:4.3.1:*:*:*:*:*:*:*

Informations

Vendor

bigtreecms

Product

bigtree_cms

Version

4.3.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-26670 2021-06-01 12h13 +00:00 A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary commands through a crafted request sent to the server via the 'Create a New Setting' function.
8.8
High
CVE-2020-26669 2021-06-01 12h13 +00:00 A stored cross-site scripting (XSS) vulnerability was discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary web scripts or HTML via the page content to site/index.php/admin/pages/update.
5.4
Medium
CVE-2020-26668 2021-06-01 12h13 +00:00 A SQL injection vulnerability was discovered in /core/feeds/custom.php in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to inject a malicious SQL query to the applications via the 'Create New Feed' function.
8.8
High