CVE-2017-8868

2017-05-10T01:29:00
ID CVE-2017-8868
Type cve
Reporter NVD
Modified 2017-05-17T14:15:23

Description

acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.