Количество 2
Количество 2
CVE-2020-29555
The BackupDelete functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to delete arbitrary files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of CSRF protection.)
GHSA-gpmf-q5jh-hjx4
Grav CMS Arbitrary File Deletion
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-29555 The BackupDelete functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to delete arbitrary files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of CSRF protection.) | CVSS3: 8.1 | 4% Низкий | почти 5 лет назад |
| GHSA-gpmf-q5jh-hjx4 Grav CMS Arbitrary File Deletion | CVSS3: 8.1 | 4% Низкий | больше 3 лет назад |
Уязвимостей на страницу