CVE-2018-16237

2018-08-3022:00:00

mitre

www.cve.org

3.8 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.1%

JSON

An issue was discovered in damiCMS V6.0.1. There is Directory Traversal via ‘|’ characters in the s parameter to admin.php, as demonstrated by an admin.php?s=Tpl/Add/id/c:|windows|win.ini URI.

References

github.com/howchen/howchen/issues/2