Medium severity5.3NVD Advisory· Published Nov 1, 2018· Updated Jun 17, 2026
CVE-2018-18890
CVE-2018-18890
Description
MiniCMS 1.10 allows full path disclosure via /mc-admin/post.php?state=delete&delete= with an invalid filename.
Affected products
1Patches
Vulnerability mechanics
References
2- github.com/AvaterXXX/MiniCms/blob/master/Authentication%20and%20Information%20Exposure.mdnvdExploitThird Party Advisory
- www.patec.cn/newsshow.phpnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.