Known Vulnerabilities for Bigtree Cms by Bigtreecms
Listed below are 10 of the newest known vulnerabilities associated with "Bigtree Cms" by "Bigtreecms".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-44954 json | Cross Site Scripting vulnerability in BigTree CMS v.4.5.7 allows a remote attacker to execute arbitrary code via the ID param... | 5.4 - MEDIUM | 2023-11-01 | 2023-11-09 |
| CVE-2022-36197 json | BigTree CMS 4.4.16 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitra... | 5.4 - MEDIUM | 2022-08-03 | 2022-08-09 |
| CVE-2020-26670 json | A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbit... | 8.8 - HIGH | 2021-06-01 | 2022-05-03 |
| CVE-2020-26669 json | A stored cross-site scripting (XSS) vulnerability was discovered in BigTree CMS 4.4.10 and earlier which allows an authentica... | 5.4 - MEDIUM | 2021-06-01 | 2021-06-09 |
| CVE-2020-26668 json | A SQL injection vulnerability was discovered in /core/feeds/custom.php in BigTree CMS 4.4.10 and earlier which allows an auth... | 8.8 - HIGH | 2021-06-01 | 2021-06-09 |
| CVE-2020-18467 json | Cross Site Scripting (XSS) vulnerabilty exists in BigTree-CMS 4.4.3 in the tag name field found in the Tags page under the Ge... | 5.4 - MEDIUM | 2021-08-26 | 2021-08-27 |
| CVE-2018-1000521 json | BigTree-CMS contains a Cross Site Scripting (XSS) vulnerability in /users/create that can result in The low-privileged users ... | 6.1 - MEDIUM | 2018-06-26 | 2018-08-27 |
| CVE-2018-18380 json | A Session Fixation issue was discovered in Bigtree before 4.2.24. admin.php accepts a user-provided PHP session ID instead of... | 5.4 - MEDIUM | 2018-10-19 | 2019-01-25 |
| CVE-2018-18308 json | In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ (aka the... | 6.1 - MEDIUM | 2018-10-16 | 2019-04-12 |
| CVE-2018-17341 json | BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authenticati... | 8.1 - HIGH | 2018-09-23 | 2018-11-21 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Bigtreecms | Bigtree Cms | 4.4.9 | |||
| Application | Bigtreecms | Bigtree Cms | 4.4.8 | |||
| Application | Bigtreecms | Bigtree Cms | 4.4.7 | |||
| Application | Bigtreecms | Bigtree Cms | 4.4.6 | |||
| Application | Bigtreecms | Bigtree Cms | 4.4.5 | |||
| Application | Bigtreecms | Bigtree Cms | 4.4.4 | |||
| Application | Bigtreecms | Bigtree Cms | 4.4.3 | |||
| Application | Bigtreecms | Bigtree Cms | 4.4.2 | |||
| Application | Bigtreecms | Bigtree Cms | 4.4.1 | |||
| Application | Bigtreecms | Bigtree Cms | 4.4 | |||
| Application | Bigtreecms | Bigtree Cms | 4.3.4 | |||
| Application | Bigtreecms | Bigtree Cms | 4.3.2 | |||
| Application | Bigtreecms | Bigtree Cms | 4.3.1 | |||
| Application | Bigtreecms | Bigtree Cms | 4.3 | |||
| Application | Bigtreecms | Bigtree Cms | 4.2.9 | |||
| Application | Bigtreecms | Bigtree Cms | 4.2.8 | |||
| Application | Bigtreecms | Bigtree Cms | 4.2.7 | |||
| Application | Bigtreecms | Bigtree Cms | 4.2.6 | |||
| Application | Bigtreecms | Bigtree Cms | 4.2.5 | |||
| Application | Bigtreecms | Bigtree Cms | 4.2.4 |