Medium severity6.5OSV Advisory· Published Jan 23, 2018· Updated Jun 17, 2026
CVE-2018-6022
CVE-2018-6022
Description
Directory traversal vulnerability in application/admin/controller/Main.php in NoneCms through 1.3.0 allows remote authenticated users to delete arbitrary files by leveraging back-office access to provide a ..\ in the param.path parameter.
Affected products
1Patches
Vulnerability mechanics
References
1- blackwolfsec.cc/2018/01/22/Nonecms/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.