CVE-2017-8868

Published May 10th, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.

flatCore/flatCore-CMS

flatCore is a Web Content Management System (CMS) based on PHP and MySQL/SQLite.

GitHub