Unrated severityNVD Advisory· Published Jan 30, 2019· Updated Aug 4, 2024
CVE-2019-7235
CVE-2019-7235
Description
An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to designate an arbitrary directory because of an apps.admincp.php error. This directory can then be deleted via an admincp.php?app=apps&do=uninstall request.
Affected products
2= 7.0.13+ 1 more
- (no CPE)range: = 7.0.13
- (no CPE)range: = 7.0.13
Patches
Vulnerability mechanics
References
1- github.com/idreamsoft/iCMS/issues/52mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.