VYPR
Critical severity9.1NVD Advisory· Published Feb 22, 2019· Updated Jun 17, 2026

CVE-2019-9015

CVE-2019-9015

Description

A Path Traversal vulnerability was discovered in MOPCMS through 2018-11-30, leading to deletion of unexpected critical files. The exploitation point is in the "column management" function. The path added to the column is not verified. When a column is deleted by an attacker, the corresponding directory is deleted, as demonstrated by ./ to delete the entire web site.

Affected products

2
  • Mopcms/Mopcmsinferred2 versions
    <= 2018-11-30+ 1 more
    • (no CPE)range: <= 2018-11-30
    • (no CPE)range: <=2018-11-30

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.