Filtered by vendor Bigtreecms Subscriptions
Total 45 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-9448 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
Cross-site scripting (XSS) vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML via the description parameter. This issue exists in core\admin\ajax\pages\save-revision.php and core\admin\modules\pages\revisions.php. Low-privileged (administrator) users can attack high-privileged (Developer) users.
CVE-2017-9444 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
BigTree CMS through 4.2.18 has CSRF related to the core\admin\modules\users\profile\update.php script (modify user information), the index.php/admin/developer/packages/delete/ URI (remove packages), the index.php/admin/developer/upgrade/ignore/?versions= URI, and the index.php/admin/developer/upgrade/set-ftp-directory/ URI.
CVE-2017-9443 1 Bigtreecms 1 Bigtree Cms 2024-11-21 8.8 High
BigTree CMS through 4.2.18 allows remote authenticated users to conduct SQL injection attacks via a crafted tables object in manifest.json in an uploaded package. This issue exists in core\admin\modules\developer\extensions\install\process.php and core\admin\modules\developer\packages\install\process.php. NOTE: the vendor states "You must implicitly trust any package or extension you install as they all have the ability to write PHP files.
CVE-2017-9442 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary code by uploading a crafted package containing a PHP web shell, related to extraction of a ZIP archive to filename patterns such as cache/package/xxx/yyy.php. This issue exists in core\admin\modules\developer\extensions\install\unpack.php and core\admin\modules\developer\packages\install\unpack.php. NOTE: the vendor states "You must implicitly trust any package or extension you install as they all have the ability to write PHP files.
CVE-2017-9441 1 Bigtreecms 1 Bigtree Cms 2024-11-21 2.7 Low
Multiple cross-site scripting (XSS) vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML by uploading a crafted package, triggering mishandling of the (1) title or (2) version or (3) author_name parameter in manifest.json. This issue exists in core\admin\modules\developer\extensions\install\unpack.php and core\admin\modules\developer\packages\install\unpack.php. NOTE: the vendor states "You must implicitly trust any package or extension you install as they all have the ability to write PHP files.
CVE-2017-9428 2 Bigtreecms, Microsoft 2 Bigtree Cms, Windows 2024-11-21 N/A
A directory traversal vulnerability exists in core\admin\ajax\developer\extensions\file-browser.php in BigTree CMS through 4.2.18 on Windows, allowing attackers to read arbitrary files via ..\ sequences in the directory parameter.
CVE-2017-9427 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. The attacker creates a crafted table name at admin/developer/modules/designer/ and the injection is visible at admin/dashboard/vitals-statistics/integrity/check/?external=true.
CVE-2017-9379 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
Multiple CSRF issues exist in BigTree CMS through 4.2.18 - the clear parameter to core\admin\modules\dashboard\vitals-statistics\404\clear.php and the from or to parameter to core\admin\modules\dashboard\vitals-statistics\404\create-301.php.
CVE-2017-9378 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
BigTree CMS through 4.2.18 does not prevent a user from deleting their own account. This could have security relevance because deletion was supposed to be an admin-only action, and the admin may have other tasks (such as data backups) to complete before a user is deleted.
CVE-2017-9365 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
CSRF exists in BigTree CMS through 4.2.18 with the force parameter to /admin/pages/revisions.php - for example: /admin/pages/revisions/1/?force=false. A page with id=1 can be unlocked.
CVE-2017-9364 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an attacker uploads an 'xxx.pht' or 'xxx.phtml' file, they could bypass a safety check and execute any code.
CVE-2017-7881 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
BigTree CMS through 4.2.17 relies on a substring check for CSRF protection, which allows remote attackers to bypass this check by placing the required admin/developer/ URI within a query string in an HTTP Referer header. This was found in core/admin/modules/developer/_header.php and patched in core/inc/bigtree/admin.php on 2017-04-14.
CVE-2017-7695 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code.
CVE-2017-6918 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
CSRF exists in BigTree CMS 4.2.16 with the value[#][*] parameter to the admin/settings/update/ page. The Navigation Social can be changed.
CVE-2017-6917 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed.
CVE-2017-6916 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
CSRF exists in BigTree CMS 4.1.18 with the nav-social[#] parameter to the admin/settings/update/ page. The Navigation Social can be changed.
CVE-2017-6915 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. The Colophon can be changed.
CVE-2017-6914 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
CSRF exists in BigTree CMS 4.1.18 and 4.2.16 with the id parameter to the admin/ajax/users/delete/ page. A user can be deleted.
CVE-2017-16961 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
A SQL injection vulnerability in core/inc/auto-modules.php in BigTree CMS through 4.2.19 allows remote authenticated attackers to obtain information in the context of the user used by the application to retrieve data from the database. The attack uses an admin/trees/add/process request with a crafted _tags[] parameter that is mishandled in a later admin/ajax/dashboard/approve-change request.
CVE-2017-11736 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter.