VYPR
High severity8.1OSV Advisory· Published Sep 23, 2018· Updated Jun 17, 2026

CVE-2018-17341

CVE-2018-17341

Description

BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtree_htaccess_url=admin/images/..\ URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Bigtreecms/Bigtree CMSOSV2 versions
    4.0beta2, 4.2, 4.2.10, …+ 1 more
    • (no CPE)range: 4.0beta2, 4.2, 4.2.10, …
    • (no CPE)range: =4.2.23

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.