CVE-2016-10223 in BigTreeالمعلومات

الملخص

بحسب MITRE

An issue was discovered in BigTree CMS before 4.2.15. The vulnerability exists due to insufficient filtration of user-supplied data in the "id" HTTP GET parameter passed to the "core/admin/adjax/dashboard/check-module-integrity.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

12/02/2017

إفشاء

14/02/2017

الاعتدال

تمت الموافقة

إدخال

VDB-96950

CPE

جاهز

CWE

CWE-284 (مؤكد)

CVSS

5.4 (NVD)

EPSS

0.00510

KEV

لا

النشاطات

منخفض جدًا

القطاع

Lawfirm, Hostingprovider, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-10223
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-10223
CVE Details	https://www.cvedetails.com/cve/CVE-2016-10223/

التالي ▸نظرة عامة ◂ السابق

Do you know our Splunk app?

Download it now for free!