6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.9%
acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.
github.com/flatCore/flatCore-CMS/issues/30