Medium severity5.5NVD Advisory· Published Oct 29, 2021· Updated Jun 17, 2026
CVE-2020-25881
CVE-2020-25881
Description
A vulnerability was discovered in the filename parameter in pathindex.php?r=cms-backend/attachment/delete&sub=&filename=../../../../111.txt&filetype=image/jpeg of the master version of RKCMS. This vulnerability allows for an attacker to perform a directory traversal via a crafted .txt file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- RKCMS/RKCMSdescription
Patches
Vulnerability mechanics
References
2- github.com/AubreyJun/cms/issues/2nvdExploitThird Party Advisory
- www.ranko.cn/index.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.