BigTree CMS 4.5.7 - Stored Cross-Site Scripting via Developer Settings ID Parameter
Cross Site Scripting vulnerability in BigTree CMS v.4.5.7 allows a remote attacker to execute arbitrary code via the ID parameter in the Developer Settings functions.