Lucene search
GoogleOSV:CVE-2020-26670HistoryJun 01, 2021 - 3:15 p.m.
CVE-2020-26670
2021-06-0115:15:07
Google
osv.dev
1
A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier which allows an authenticated attacker to execute arbitrary commands through a crafted request sent to the server via the ‘Create a New Setting’ function.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bigtree-cms | eq | 4.2.14 | |
| bigtree-cms | eq | 4.2.17 | |
| bigtree-cms | eq | 4.0 | |
| bigtree-cms | eq | 4.3 | |
| bigtree-cms | eq | 4.4.5 | |
| bigtree-cms | eq | 4.4.10 | |
| bigtree-cms | eq | RC2 | |
| bigtree-cms | eq | 4.0RC2 | |
| bigtree-cms | eq | 4.4.4 | |
| bigtree-cms | eq | 4.4.9 |
References
Related
nvd
nvd
CVE-2020-26670
2021-06-01 15:15:07
cve
cve
CVE-2020-26670
2021-06-01 15:15:07
cvelist
cvelist
CVE-2020-26670
2021-06-01 14:13:25
prion
prion
Design/Logic Flaw
2021-06-01 15:15:00
openvas
openvas
BigTree CMS Multiple Vulnerabilities (Sep 2020)
2021-06-02 00:00:00