bigtreecms security advisories

2 threat alerts tracking vulnerabilities and security advisories that affect bigtreecms products.

Vulnios monitors bigtreecms CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent bigtreecms security news in one place, or click into an individual alert for full detail.

Critical Vulnerability: CVE-2017-9364 — bigtreecms — bigtree_cms
Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an attacker uploads an 'xxx.pht' or 'xxx.phtml' file, they could bypass a safety check and execute any code.
criticalCVE-2017-9364
Critical Vulnerability: CVE-2017-7695 — bigtreecms — bigtree_cms
Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code.
criticalCVE-2017-7695

Track bigtreecms exposure across your environment

Vulnios automatically cross-references your asset inventory against new bigtreecms CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.

Start a free scan

bigtreecms security advisories

Critical Vulnerability: CVE-2017-9364 — bigtreecms — bigtree_cms

Critical Vulnerability: CVE-2017-7695 — bigtreecms — bigtree_cms

Track bigtreecms exposure across your environment