CVE Vulnerability
CVE-2018-19197
An issue was discovered in XiaoCms 20141229. admincontrollerdatabase.php allows arbitrary directory deletion via admin/index.php?c=database&a=import&paths[]=../ directory traversal.
References
| Link | Resource |
|---|---|
| https://www.patec.cn/newsshow.php?cid=24&id=136 | Broken Link Third Party Advisory |
| https://github.com/AvaterXXX/XiaoCms/blob/master/DIR_DEL.md | Exploit Third Party Advisory |
Configurations
Configuration 1
|
Information
Published : 2018-11-12 05:29
Updated : 2019-01-23 04:20
NVD link : CVE-2018-19197
Mitre link : CVE-2018-19197
Products Affected
No products.
CWE