cpe:/a:bigtreecms:bigtree_cms:4.2.16 CVE-2017-7695 2017-04-11T19:59:00.237-04:00 2017-04-17T12:55:36.003-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2017-04-16T18:06:38.677-04:00 MISC http://www.math1as.com/bigtree_upload.txt MISC https://github.com/bigtreecms/BigTree-CMS/commit/8cf4212ea40e1b843e1aecf4b24681b0964ec04c MISC https://github.com/bigtreecms/BigTree-CMS/issues/276 Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code.