CVE-2018-10364 – BigTree CMS Cross-Site Scripting Vulnerability

Description

BigTree before 4.2.22 has XSS in the Users management page via the name or company field.

Vulnerability Information

Product / Framework: Bigtreecms
Vendor Domain: www.bigtreecms.org
Vulnerability Type: N/A
CVE Details: View Full CVE Details →

You may also enjoy…

The Story of a Perfect Exploit Chain: Six Bugs That Looked Harmless Until They Became Pre-Auth RCE in a Security Appliance

Jan 2026
Inside PostHog: How SSRF, a ClickHouse SQL Escaping 0day, and Default PostgreSQL Credentials Formed an RCE Chain (ZDI-25-099, ZDI-25-097, ZDI-25-096)

Dec 2025
The Chessboard of Security: Insights on Product Development and Vulnerabilities from a Hacker Perspective

Nov 2025
Digital Cosmos: A Journey Through the Galaxy of Vulnerabilities

Oct 2025
CVE-2021-3825 | LiderAhenk 0day – All your PARDUS Clients Belongs To Me

Dec 2021