PT-2023-11605 · Duxcms · Duxcms

Name of the Vulnerable Software and Affected Versions: DuxCMS version 2.1 Description: A directory traversal issue allows attackers to delete arbitrary files via the /admin/AdminBackup/del API endpoint. This enables attackers to potentially disrupt system functionality or destroy sensitive data...