Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2017-7881
HistoryApr 15, 2017 - 4:00 p.m.

CVE-2017-7881

2017-04-1516:00:00
mitre
www.cve.org
2

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

39.3%

JSON

BigTree CMS through 4.2.17 relies on a substring check for CSRF protection, which allows remote attackers to bypass this check by placing the required admin/developer/ URI within a query string in an HTTP Referer header. This was found in core/admin/modules/developer/_header.php and patched in core/inc/bigtree/admin.php on 2017-04-14.

Related

osv 1
cve 1
openvas 1
prion 1
nvd 1
osv
osv
CVE-2017-7881
2017-04-15 16:59:00
cve
cve
CVE-2017-7881
2017-04-15 16:59:00
openvas
openvas
BigTree CMS <= 4.2.17 CSRF Vulnerability
2017-04-19 00:00:00
prion
prion
Cross site request forgery (csrf)
2017-04-15 16:59:00
nvd
nvd
CVE-2017-7881
2017-04-15 16:59:00

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

39.3%

JSON
Related for CVELIST:CVE-2017-7881
osv1cve1openvas1prion1nvd1