CVE-2018-16141

Posted on by admin

CVE-2018-16141

ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in do_avatar in applicationUserControllerProfileController.class.php via an imgurl parameter with a .. sequence. A member user can delete any file on a Windows server.

Source: CVE-2018-16141

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다