2021-06-01 14:13:25
mitre
PUBLISHED
A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary commands through a crafted request sent to the server via the Create a New Setting function.