CVE-2018-20790
02/25/2019
CVE-2018-20790
tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass through the delete_file action in execute.php.
Attack vector:
Network
Product:
tecrail: responsive_filemanager
References:
https://www.exploit-db.com/exploits/45987
Severity:
Medium
CVSS Score:
6.4
CVSS Vector:
(AV:N/AC:L/Au:N/C:N/I:P/A:P)
Don't forget to share
