2017-07-29 14:00:00
mitre
PUBLISHED
SQL injection vulnerability in coreadminauto-modulesformsprocess.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter.