CVE-2017-11736

Published July 29th, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter.

bigtreecms/BigTree-CMS

GitHub

222