VYPR
High severity7.5NVD Advisory· Published Dec 28, 2018· Updated Jun 17, 2026

CVE-2018-20571

CVE-2018-20571

Description

DamiCMS 6.0.1 allows remote attackers to read arbitrary files via a crafted admin.php?s=Tpl/Add/id request, as demonstrated by admin.php?s=Tpl/Add/id/.\Public\Config\config.ini.php to read the global configuration file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Damicms/Damicmsinferred2 versions
    = 6.0.1+ 1 more
    • (no CPE)range: = 6.0.1
    • (no CPE)range: 6.0.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.