CVE-2019-8411

Published February 17th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.4

MEDIUM

Affected

1

PROJECT

Description

admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal.

GitHub