A SQL injection vulnerability exists in /core/feeds/custom.php in BigTree CMS 4.4.10 and previous versions which allows an authenticated malicious user to inject a malicious SQL query to the applications via the 'Create New Feed' function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bigtreecms bigtree cms |