15 Avr 2017
CVE-2017-7881 - CVE Vulnerability
BigTree CMS through 4.2.17 relies on a substring check for CSRF protection, which allows remote attackers to bypass this check by placing the required admin/developer/ URI within a query string in an HTTP Referer header. This was found in core/admin/modules/developer/_header.php and patched in core/inc/bigtree/admin.php on 2017-04-14. (CVSS:0.0) (Last Update:2017-04-15)
Vulnerability Details : BigTree CMS through 4.2.17 relies on a substring check for CSRF protection, which allows remote attackers to bypass this check by placing the required admin/developer/ URI within a query string in an HTTP Referer header. This was found in core/admin/modules/developer/_header.php and patched in core/inc/bigtree/admin.php on 2017-04-14. Publish Date : 2017-04-15 Last Update Date : 2017-04-15 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2017-7881
- References For CVE-2017-7881
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2017-7881There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |