3 matches found
CVE-2023-53902 WebsiteBaker 2.13.3 Directory Traversal via Media Delete Endpoint
WebsiteBaker 2.13.3 contains a directory traversal vulnerability that allows authenticated attackers to delete arbitrary files by manipulating directory path parameters. Attackers can send crafted GET requests to /admin/media/delete.php with directory traversal sequences to delete files outside t...
CVE-2023-53902 WebsiteBaker 2.13.3 Directory Traversal via Media Delete Endpoint
WebsiteBaker 2.13.3 contains a directory traversal vulnerability that allows authenticated attackers to delete arbitrary files by manipulating directory path parameters. Attackers can send crafted GET requests to /admin/media/delete.php with directory traversal sequences to delete files outside t...
CVE-2023-53902
CVE-2023-53902 affects WebsiteBaker 2.13.3 with a directory traversal vulnerability in the /admin/media/delete.php endpoint. An authenticated attacker can delete arbitrary files by manipulating directory path parameters, exploiting traversal sequences to access files outside the intended director...