CVE-2018-18936

2018-11-0509:29:00

Google

osv.dev

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.4%

JSON

An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows remote attackers to delete arbitrary files via directory traversal in the po-admin/route.php?mod=library&act=delete id parameter.

CPENameOperatorVersion
popojicmseq2.0.0
popojicmseq2.0.1

CPE	Name	Operator	Version
	popojicms	eq	2.0.0
	popojicms	eq	2.0.1

References

github.com/PopojiCMS/PopojiCMS/issues/15