Описание
A File Deletion vulnerability exists in TinyShop 3.1.1 in the back_list parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms.
Ссылки
- Broken Link
- Broken Link
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Broken Link
- Broken Link
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:tinyrise:tinyshop:3.1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00363
Низкий
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 8.1
github
почти 4 года назад
A File Deletion vulnerability exists in TinyShop 3.1.1 in the back_list parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms.
EPSS
Процентиль: 58%
0.00363
Низкий
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo