Security Advisory

CVE-2017-9444

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-06-05 19:00:00

Last updated 2024-09-17 03:37:36

Assigner mitre

State PUBLISHED

Description

BigTree CMS through 4.2.18 has CSRF related to the coreadminmodulesusersprofileupdate.php script (modify user information), the index.php/admin/developer/packages/delete/ URI (remove packages), the index.php/admin/developer/upgrade/ignore/?versions= URI, and the index.php/admin/developer/upgrade/set-ftp-directory/ URI.

← Browse all CVEs View on cve.org ↗