CVE-2018-19329

Published November 17th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

5.5

MEDIUM

Affected

PROJECT

Description

GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button.

GreenCMS/GreenCMS

GreenCMS v2.x Based on ThinkPHP 3.2 Framwork

GitHub

124