Arbitrary file deletion

2019-09-0902:15:00

PRIOn knowledge base

www.prio-n.com

0.65 Medium

EPSS

Percentile

97.9%

In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to …/ Local File Disclosure.

CPENameOperatorVersion
piluscartle1.4.1

CPE	Name	Operator	Version
	piluscart	le	1.4.1

References

www.exploit-db.com/exploits/47315

zerodays.lol/

0.65 Medium

EPSS

Percentile

97.9%

Related for PRION:CVE-2019-16123