Bigtreecms : Security Vulnerabilities, CVEs, (Directory traversal)
A directory traversal vulnerability exists in core\admin\ajax\developer\extensions\file-browser.php in BigTree CMS through 4.2.18 on Windows, allowing attackers to read arbitrary files via ..\ sequences in the directory parameter.
Max CVSS
7.5
EPSS Score
0.32%
Published
2017-06-04
Updated
2017-06-06
1 vulnerabilities found