Tangxiaofeng7

**Name of the Vulnerable Software and Affected Versions** BigTree version 4.3 **Description** The issue allows for full path disclosure through authenticated input in the admin/news section, which triggers a syntax error. It is noted that this issue requires full developer level access to the content management system. **Recommendations** For BigTree version 4.3, consider restricting access to the admin/news section to prevent potential path disclosure. As a temporary workaround, limit the ability to trigger syntax errors in this section until a more permanent solution is available. At the moment, there is no information about a newer version that contains a fix for this issue.