2 matches found
CVE-2018-16320
CVE-2018-16320 affects idreamsoft iCMS 7.0.11. A directory traversal flaw in admincp.php?app=config enables arbitrary PHP code execution from a ZIP file. Root cause: path traversal in the configuration admin endpoint. Impact: arbitrary code execution; exploitation status is not provided in the do...
CVE-2018-16320
idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file...