BigTree CMS BigTree CMS 4.4.3

CPE Details

BigTree CMS BigTree CMS 4.4.3
bigtreecms
bigtree_cms
4.4.3
2019-05-14
16h22 +00:00
2019-05-14
16h22 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:bigtreecms:bigtree_cms:4.4.3:*:*:*:*:*:*:*

Informations

Vendor

bigtreecms

Product

bigtree_cms

Version

4.4.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-18467 2021-08-26 15h28 +00:00 Cross Site Scripting (XSS) vulnerabilty exists in BigTree-CMS 4.4.3 in the tag name field found in the Tags page under the General menu via a crafted website name by doing an authenticated POST HTTP request to admin/tags/create.
5.4
Medium
CVE-2020-26670 2021-06-01 12h13 +00:00 A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary commands through a crafted request sent to the server via the 'Create a New Setting' function.
8.8
High
CVE-2020-26669 2021-06-01 12h13 +00:00 A stored cross-site scripting (XSS) vulnerability was discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary web scripts or HTML via the page content to site/index.php/admin/pages/update.
5.4
Medium
CVE-2020-26668 2021-06-01 12h13 +00:00 A SQL injection vulnerability was discovered in /core/feeds/custom.php in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to inject a malicious SQL query to the applications via the 'Create New Feed' function.
8.8
High