VYPR
High severity7.5OSV Advisory· Published Sep 14, 2018· Updated Jun 17, 2026

CVE-2018-17030

CVE-2018-17030

Description

BigTree CMS 4.2.23 allows remote authenticated users, if possessing privileges to set hooks, to execute arbitrary code via /core/admin/auto-modules/forms/process.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Bigtreecms/Bigtree CMSOSV2 versions
    4.0beta2, 4.2, 4.2.10, …+ 1 more
    • (no CPE)range: 4.0beta2, 4.2, 4.2.10, …
    • (no CPE)range: =4.2.23

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.