BigTree CMS 4.4.10

CPE Details

BigTree CMS 4.4.10
bigtreecms
bigtree_cms
4.4.10
2021-06-07
09h45 +00:00
2021-06-07
10h59 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:bigtreecms:bigtree_cms:4.4.10:*:*:*:*:*:*:*

Informations

Vendor

bigtreecms

Product

bigtree_cms

Version

4.4.10

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-26670 2021-06-01 12h13 +00:00 A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary commands through a crafted request sent to the server via the 'Create a New Setting' function.
8.8
High
CVE-2020-26669 2021-06-01 12h13 +00:00 A stored cross-site scripting (XSS) vulnerability was discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary web scripts or HTML via the page content to site/index.php/admin/pages/update.
5.4
Medium
CVE-2020-26668 2021-06-01 12h13 +00:00 A SQL injection vulnerability was discovered in /core/feeds/custom.php in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to inject a malicious SQL query to the applications via the 'Create New Feed' function.
8.8
High