CVE-2020-18888

Beschreibung:
Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to delete the file/folder via /admin/functions.php.

CWE: CWE-94

CVSS-Bewertung
CVSS 2: HIGH – 7.5 (Version: 2.0)
CVSS 3: CRITICAL – 9.8 (Version: 3.1)

Links:

NVD – CVE-2020-18888
CVE – CVE-2020-18888

Link (max. 20) Quelle Tags
https://github.com/choregus/puppyCMS/issues/15 MISC Exploit Third Party Advisory
https://opendistro.github.io/for-elasticsearch-docs/version-history/ MISC Release Notes Vendor Advisory
https://play.google.com/store/apps/details?id=com.coolkit&hl=en_US MISC Exploit Third Party Advisory

Quelle: NVD – CVE-2020-18888
Datum Veröffentlichung: 2021-05-06T18:15Z, Datum letzte Änderung: 2021-05-06T18:18Z