CVE-2018-16774

HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/language/ajax?action=delete.
References
Link Resource
https://github.com/Neeke/HongCMS/issues/6 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:hongcms_project:hongcms:3.0.0:*:*:*:*:*:*:*

Information

Published : 2018-09-10 04:29

Updated : 2018-09-24 08:52


NVD link : CVE-2018-16774

Mitre link : CVE-2018-16774

Products Affected
No products.
CWE