Browse all 4 CVE security advisories affecting BiggiDroid. AI-powered Chinese analysis, POCs, and references for each vulnerability.
BiggiDroid is an Android application primarily used for device customization and theme modification. Historically, it has been associated with multiple critical vulnerabilities, including remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from improper input validation and insecure data handling. The application has also exhibited privilege escalation issues due to excessive permissions and insecure implementation of core functions. While no major public security incidents have been widely documented, its four recorded CVEs highlight consistent security weaknesses in its architecture, particularly around data processing and permission management, posing risks to user devices and data integrity.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15495 | BiggiDroid Simple PHP CMS editsite.php unrestricted upload — Simple PHP CMSCWE-434 | 4.7 | Medium | 2026-01-09 |
| CVE-2025-15263 | BiggiDroid Simple PHP CMS Admin Login login.php sql injection — Simple PHP CMSCWE-89 | 7.3 | High | 2025-12-30 |
| CVE-2025-15262 | BiggiDroid Simple PHP CMS Site Logo edit.php unrestricted upload — Simple PHP CMSCWE-434 | 4.7 | Medium | 2025-12-30 |
| CVE-2025-15169 | BiggiDroid Simple PHP CMS editsite.php sql injection — Simple PHP CMSCWE-89 | 4.7 | Medium | 2025-12-29 |
This page lists every published CVE security advisory associated with BiggiDroid. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.