3 matches found
CVE-2020-21554
A File Deletion vulnerability exists in TinyShop 3.1.1 in the backlist parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms...
CVE-2020-21554
creationtimestamp| type| source ---|---|--- 2022-03-25 19:30:48+00:00| seen| https://t.me/cibsecurity/39541...
CVE-2020-21554
CVE-2020-21554 affects TinyShop 3.1.1. A vulnerability in the back_list parameter of controllers\admin.php can enable a malicious user to delete arbitrary files (e.g., install.lock), potentially reinstalling the CMS. The root cause is a file-deletion flaw in the affected parameter handling, allow...