3 matches found
CVE-2015-1577
Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a 1 .. dot dot or 2 full pathname in the f parameter...
CVE-2015-1577
CVE-2015-1577 is a directory-traversal vulnerability in u5CMS prior to 3.9.4, affecting the script u5admin/deletefile.php . The issue allows remote attackers to write (and via related advisories delete) arbitrary files by supplying traversal or full path names in the parameter f . Public advisori...
u5CMS 3.9.3 (deletefile.php) Arbitrary File Deletion Vulnerability
Summary u5CMS is a little, handy Content Management System for medium-sized websites, conference / congress / submission administration, review processes, personalized serial mails, PayPal payments and online surveys based on PHP and MySQL and Apache. Description Input passed to the 'f' parameter...