Описание
Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.admincp.php".
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:idreamsoft:icms:7.0.13:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04312
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.admincp.php".
EPSS
Процентиль: 89%
0.04312
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-22