Unrated severityNVD Advisory· Published Nov 1, 2018· Updated Sep 17, 2024
CVE-2018-18891
CVE-2018-18891
Description
MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete&delete= because the authentication check occurs too late.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- github.com/AvaterXXX/MiniCms/blob/master/Authentication%20and%20Information%20Exposure.mdmitrex_refsource_MISC
- www.patec.cn/newsshow.phpmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.